Tech Stack
AWS, Cloud, Cyber Security, Go, Google Cloud Platform, JavaScript, Kubernetes, Oracle, Python, SDLC
About the role
- Define and drive the company-wide cybersecurity strategy aligned with business, regulatory, and client needs
- Build, lead, and mentor a high-performing team of cybersecurity and ICS engineers
- Serve as executive-level liaison to regulators, auditors, clients, and (future) board committees
- Partner with Risk, Legal, and Compliance teams to ensure readiness for public company standards (e.g., SOX, SEC disclosure requirements, risk management frameworks)
- Lead hands-on technical work: penetration testing, exploit research, vulnerability assessments, and secure architecture reviews
- Design and enforce security patterns for blockchain infrastructure, validator nodes, smart contracts, and cryptographic systems
- Oversee architecture reviews, threat modeling, and code reviews for critical systems (web, API, mobile, blockchain)
- Build and maintain security architecture diagrams, process flows, and technical risk assessments
- Establish and oversee security operations, monitoring, and incident response capabilities
- Drive compliance with SOC 2, ISO 27001, GDPR, PCI DSS, and other regulatory/security frameworks
- Prepare the company for licensing and regulatory regimes (e.g., MiCA, U.S. state/federal regimes, MAS, FCA)
- Build internal controls and documentation suitable for IPO-readiness and engagement with financial regulators
- Partner with product and engineering teams to embed security into the SDLC
- Work with vendors and partners to validate and ensure secure integration
- Promote a strong security culture through training, awareness, and leadership
Requirements
- 8+ years of proven experience in cybersecurity, software engineering, or computer science with a focus on security
- 5+ years developing security programs or defining secure architectures
- 3+ years directly managing cybersecurity engineers
- Demonstrated experience preparing organizations for public company requirements (SOX ITGC, enterprise risk, audit readiness)
- Prior exposure to regulatory environments (FCA, SEC, ESMA, MAS, etc.) and licensing processes for fintech/crypto firms
- Deep technical expertise in penetration testing, threat modeling, and secure systems architecture
- Strong knowledge of cloud-native security (AWS, GCP, Oracle Cloud PaaS/IaaS/serverless)
- Strong knowledge of k8s security
- Familiarity with blockchain, crypto custody, validator infrastructure, and smart contract attack vectors
- Proficiency in multiple programming languages (Python, Go, C/C++, JavaScript)
- Strong knowledge of common attacks and vulnerabilities (OWASP Top 10, SANS CWE 25)
- Expertise in security operations, SIEM, SOC design, incident response, and forensic analysis
- Familiarity with CI/CD pipelines, DevSecOps practices, and agile methodologies
- Certifications preferred: CISSP, CISM, OSCP, OSWE, OSCE, CEH, Security+, GSEC
- Cloud security certifications (AWS/GCP) preferred
- Audit/regulatory certifications (CISA, CRISC) a plus