Provable is hiring a

Web3 Security Engineer

The Role

Provable is seeking a Security Engineer to manage and secure our technology infrastructure, focusing on cryptocurrency private keys, GCP practices, and system administration. The ideal candidate will be a proactive problem-solver with a passion for leveraging security practices to drive efficiency and innovation within a fast-paced startup environment.

Responsibilities

• Manage and secure cryptocurrency private keys, ensuring best practices for key management.

• Implement and enforce policies for key storage and access, including the use of hardware security modules (HSMs) and multi-signature setups.

• Secure and audit GCP infrastructure and practices, including IAM roles, security groups, and other GCP security features.

• Perform regular security audits and compliance checks to identify and address vulnerabilities.

• Set up and manage Multi-Factor Authentication (MFA) for all critical systems.

• Monitor and respond to security incidents and alerts, conducting vulnerability assessments and penetration testing.

• Perform system administration tasks, ensuring the high availability and reliability of infrastructure.

• Participate in on-call rotations to maintain and troubleshoot infrastructure issues.

• Develop and maintain security policies, procedures, and documentation.

• Conduct security training and awareness programs for staff, keeping up with the latest security trends and technologies.

What We’re Looking For

• Bachelor's degree in Computer Science, Information Security, or a related field.

• 3+ years of experience in security engineering.

• Proficiency in managing cryptocurrency private keys and secure key management practices.

• Strong knowledge of GCP security best practices.

• Experience with system administration (Linux/Unix) and MFA implementation.

• Knowledge of security frameworks and standards (e.g., NIST, ISO 27001).

• Experience with scripting for process automation and security enhancement.

• Proficiency with Linux (CentOS, Red Hat, Ubuntu, Kali), Windows, macOS, and cloud platforms (GCP, AWS, Azure).

• Familiarity with security tools such as BeyondTrust, Burp Suite, Elastic SIEM, Metasploit, Nessus, Nmap, OpenVAS, OSINT, PKI, QRadar, Splunk, Tanium, VMware Carbon Black, and Wireshark.

• Certifications such as ATT&CK Cyber Threat Intelligence, AWS Cloud Practitioner, Infosec Institutes Threat Hunting Professional, Microsoft Azure Fundamentals, Network+, Security+, VMware Carbon Black App Control Associate.

• Exceptional analytical and problem-solving skills.

• Strong communication and documentation skills.

• Ability to work independently and in a team-oriented environment.

• Attention to detail and a proactive approach to security.

• Willingness to learn.

Preferred Qualifications

• Certifications related to GCP, Security, and Networking.

• Experience with blockchain and cryptocurrency projects.

• Knowledge of secure software development practices.

• Familiarity with containerization and orchestration tools (e.g., Docker, Kubernetes).

• Experience in developing security automation scripts using Python, PowerShell, Bash, Terraform, or Ansible for process efficiency and consistency.

• Proficiency in configuring, managing, and optimizing Zscaler services for secure internet access, including ZIA (Zscaler Internet Access) and ZPA (Zscaler Private Access).

• Experience in implementing Zero Trust Network Architecture (ZTNA) and Secure Access Service Edge (SASE) frameworks.

• Familiarity with regulatory and industry certifications (FedRAMP, NIST 800-53, NIST CSF, SOC 2, SOX and GDPR).

Benefits

• Monthly budget for expenses relating to working in a remote environment (home office setup & supplies, transportation, fitness & personal well-being, continued learning, etc.).

• Comprehensive, top-tier healthcare coverage.

• Flexible vacation policy.

• Ability to attend major industry conferences and global events at the company’s expense.

• Regular team off-sites and retreats.

‍Aleo is committed to diversity in its workforce and is proud to be an equal-opportunity employer and to review all of our job postings to minimize biased language. Aleo does not make hiring or employment decisions on the basis of race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state, or federal law. Aleo will also consider for employment qualified applicants with arrest and conviction records in a manner consistent with San Francisco’s Fair Chance Ordinance and similar local laws.‍

Global Data Privacy Notice for Job Candidates and Applicants

Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants.

Apply Now: