Senior Security Engineer

Nansen surfaces the signal and creates winners in the future of finance. We're building a new way to trade: agentic, onchain, and fully integrated. From analytics to execution, we're the platform where investors find alpha and act on it.

The Opportunity

As we scale our product, staking operations, and AI-powered capabilities, security matters more than ever. We're hiring a Senior Security Engineer to strengthen our security posture across the entire engineering organisation. You'll work closely with the Head of Security and collaborate hands-on with engineering teams across the company to ensure that the systems we build are secure by design.

This is a generalist security role. You'll operate across application security, cloud infrastructure security, and organizational security practices. It's ideal for someone who thrives in a high-autonomy environment, is comfortable spanning multiple security domains, and wants to have outsized impact at a growing company.

What You'll Do

• Conduct security reviews of systems, architectures, and code — proactively identifying and addressing vulnerabilities.
• Serve as a go-to security advisor for engineering teams, helping them make secure design decisions.
• Define and implement security standards across cloud infrastructure, applications, and blockchain systems.
• Implement and maintain security tooling: vulnerability scanning, endpoint protection, SIEM, logging and monitoring.
• Secure CI/CD pipelines and deployment workflows from a security perspective.
• Secure internal AI tools and LLM integrations — from API key management and prompt injection prevention to evaluating the security implications of AI adoption across the organization.
• Manage and improve secrets management, key management, and access control practices across the organization.
• Define and maintain secure coding guidelines and security review processes for engineering teams.
• Collaborate with external providers on penetration tests and security audits, ensuring findings are prioritized and remediated.
• Participate in incident response: investigation, containment, root cause analysis, and post-incident improvements.
• Support compliance and audit readiness by implementing required security controls and maintaining documentation.

What We're Looking For

• Strong understanding of cloud security (AWS, GCP, or similar), container security, and network security fundamentals.
• Hands-on experience implementing and operating security tools (SIEM, vulnerability scanners, endpoint protection, cloud security tooling).
• Experience with secrets management, key management, and encryption best practices.
• Experience securing AI/LLM tooling, agent-based systems, and modern developer platforms.
• Familiarity with securing CI/CD pipelines and developer tooling.
• Solid understanding of compliance frameworks (SOC 2, ISO 27001, or similar).
• Proficiency with AI-powered tools in day-to-day work, with a drive to find the best balance between productivity and security.
• Clear written and verbal communication skills, suited for a remote-first, async environment.
• A pragmatic, hands-on mindset — comfortable working across security domains rather than specializing narrowly.

Nice to Have

• Experience securing blockchain systems, smart contracts, or staking infrastructure.
• Experience with Kubernetes and infrastructure-as-code security (Terraform).
• Background in incident response or security operations.
• Interest in or experience with the crypto/Web3 space.

How We Work

• We're remote-first, with async communication as the default and purposeful use of video calls.
• We work across time zones, with EMEA working hours preferred for this role to overlap with the Head of Security and core engineering teams.
• We use Slack and structured documentation to keep everyone aligned and empowered.
• You'll join a high-autonomy team where engineers are trusted to take initiative, propose ideas, and ship great work.