Nansen is hiring a

Web3 Senior Security Engineer

Nansen surfaces the signal and creates winners in the future of finance. We're building a new way to trade: agentic, onchain, and fully integrated. From analytics to execution, we're the platform where investors find alpha and act on it.The Opportunity As we scale our product, staking operations, and AI-powered capabilities, security matters more than ever. We're hiring a Senior Security Engineer to strengthen our security posture across the entire engineering organisation. You'll work closely with the Head of Security and collaborate hands-on with engineering teams across the company to ensure that the systems we build are secure by design. This is a generalist security role. You'll operate across application security, cloud infrastructure security, and organizational security practices. It's ideal for someone who thrives in a high-autonomy environment, is comfortable spanning multiple security domains, and wants to have outsized impact at a growing company.What You'll Do

Conduct security reviews of systems, architectures, and code — proactively identifying and addressing vulnerabilities. Serve as a go-to security advisor for engineering teams, helping them make secure design decisions. Define and implement security standards across cloud infrastructure, applications, and blockchain systems. Implement and maintain security tooling: vulnerability scanning, endpoint protection, SIEM, logging and monitoring. Secure CI/CD pipelines and deployment workflows from a security perspective. Secure internal AI tools and LLM integrations — from API key management and prompt injection prevention to evaluating the security implications of AI adoption across the organization. Manage and improve secrets management, key management, and access control practices across the organization. Define and maintain secure coding guidelines and security review processes for engineering teams. Collaborate with external providers on penetration tests and security audits, ensuring findings are prioritized and remediated. Participate in incident response: investigation, containment, root cause analysis, and post-incident improvements. Support compliance and audit readiness by implementing required security controls and maintaining documentation.

What We're Looking For

Strong understanding of cloud security (AWS, GCP, or similar), container security, and network security fundamentals. Hands-on experience implementing and operating security tools (SIEM, vulnerability scanners, endpoint protection, cloud security tooling). Experience with secrets management, key management, and encryption best practices. Experience securing AI/LLM tooling, agent-based systems, and modern developer platforms. Familiarity with securing CI/CD pipelines and developer tooling. Solid understanding of compliance frameworks (SOC 2, ISO 27001, or similar). Proficiency with AI-powered tools in day-to-day work, with a drive to find the best balance between productivity and security. Clear written and verbal communication skills, suited for a remote-first, async environment. A pragmatic, hands-on mindset — comfortable working across security domains rather than specializing narrowly.

Nice to Have

Experience securing blockchain systems, smart contracts, or staking infrastructure. Experience with Kubernetes and infrastructure-as-code security (Terraform). Background in incident response or security operations. Interest in or experience with the crypto/Web3 space.

How We Work

We're remote-first, with async communication as the default and purposeful use of video calls. We work across time zones, with EMEA working hours preferred for this role to overlap with the Head of Security and core engineering teams. We use Slack and structured documentation to keep everyone aligned and empowered. You'll join a high-autonomy team where engineers are trusted to take initiative, propose ideas, and ship great work.

Apply Now: