Security Engineer, Institutional Trading at Blockchain.com

<div class="content-intro"><p><strong>Blockchain</strong> is connecting the world to the future of finance. As the most trusted and fastest-growing global crypto company, it helps millions of people worldwide safely access cryptocurrency. Since its inception in 2011, Blockchain has earned the trust of over 90 million wallet holders and more than 40 million verified users, facilitating over $1 trillion in crypto transactions.</p></div><p>You’ll be the hands-on security engineer embedded with the Institutional Trading and Financial Operations (FinOps) team. Your focus is the secure operation of <em>off-chain trading processes and infrastructure</em> that empowers our institutional business: integrations, signing flows, key custody interfaces, middle-office workflows, order routing and settle pipelines that handle significant capital. You will support risk assessments, operating controls, automation to detect operational anomalies and remediation coordination. This is a high-visibility role where you will focus on operational security engineering - ensuring that the tools and processes our traders use are resilient against both external threats and internal errors. This role does <em>not</em> require smart-contract auditing.</p> <p><strong>WHAT YOU WILL DO</strong></p> <ul> <li>Partner with Trading, Middle Office and Quant (Institutional FinOps) teams to map out inventory trading systems, data flows, third-party integrations and custody/settlement touchpoints.</li> <li>Conduct deep-dive assessments mapping critical assets and workflows to identify structural vulnerabilities. You will be responsible for defining the Target State and drafting the strategic Risk Treatment Plans (RTP) required to meet institutional-grade standards (e.g., CCSS, NIST, DORA).</li> <li>Act as the primary security liaison for Senior Management and third-party vendors. You will translate complex technical gaps into actionable business risk summaries, drive vendor evaluations for core security infrastructure, and manage the project lifecycle for high-impact posture uplifts.</li> <li>Implement and maintain monitoring for FinOps-specific security signals such as abnormal order patterns, signature misuse, unusual settlements. You will integrate these signals into our SIEM/SOAR for real-time response.</li> <li>Support secrets and key-management hygiene. You will ensure app/service keys are stored in KMS/Vault, scoped to least privilege and rotated automatically to prevent credential leakage.</li> <li>Assist product security in triage of SAST/SCA findings for FinOps-related repositories. You will help implement CI checks and remediation playbooks.</li> <li>Participate in incident exercises, post-incident reviews and remediation tracking for trading incidents.</li> <li>Document contro