Blockchain Security Architect
eToro is engaged with blockchain technology to provide DeFi products for our customers.
The company offers multiple blockchain solutions such as crypto trading and staking* on our social trading platform, crypto-assets wallet, exchange platform, tokenization of assets, and more.
In this role, you will help shape the security aspects of various blockchain initiatives.
From analyzing blockchain protocols, architectures and design, to identifying potential security gaps and suggesting appropriate solutions.
What you will be doing:
- Research blockchain protocols to understand their security guarantees
- Perform security threat modeling and risk assessments, and derive practical security requirements for our blockchain initiatives
- Develop and maintain an applications development security strategic plan, roadmap and architecture process in alignment with enterprise policies and standards.
- Develop and implement security solutions and capabilities for applications teams that are clearly aligned with business, technology and threat drivers.
- Develop and maintain security architecture artifacts (models, templates, controls, standards and procedures) that can be used to leverage security
- Conduct or participate in incident response exercises, forensic analysis, penetration testing, disaster recovery planning and business continuity
- Advocate and enforce cybersecurity best practices and share insights throughout the organization.
- Leading and producing security solutions for organizational and technological projects from the initiating phase to production in the aspect of cyber threats
- Collaborate with business stakeholders to translate business requirements to secured implementations
- At least 5 years of experience in a cybersecurity discipline at a senior level.
- Deep understanding of application security topics (e.g. OWASP Top 10)
- Deep understanding of blockchain technologies
- Solid foundation in blockchain-based attacks
- Solid foundation in decentralized applications and their execution mechanism (e.g. ERC20 smart contracts)
- Strong analytical abilities
- Strong passion for Bitcoin, Ethereum and other crypto assets
- Strong communication skills with non-technical people
- Verifiable experience reviewing application code for security vulnerabilities and implementing secure coding practices.
- Expert understanding of containers, virtualization strategies, public cloud services and identity access management technologies
- Advantage: OSCP / CEH accreditation.
- Familiarity with DASP Top 10
- Familiarity with DeFi systems (e.g. Compound, staking)