Magic Eden is looking to hire a Head of Security and IT to join the team.
Magic Eden is the #1 NFT marketplace on Solana. Our mission is to be the destination for discovering, trading, and creating NFTs. Magic Eden has been a community-first marketplace since day 1 and strives to be the most customer-centric NFT marketplace. We’re a remote first company with competitive benefits and perks; all the roles are open for global talent.
ME’s Head of Security and IT will lead company efforts to build out our security and enterprise technology functions. You will be counted on to evaluate risks and vulnerabilities and to develop safeguards and processes to keep Magic Eden and our customers safe. We’re looking for someone with a healthy dose of paranoia for security in this dynamic ecosystem. If you’re a strong technical minded security leader seeking to define and pave the way for a fast growing startup, we’d love to talk.
What you’ll be doing:
- Set the strategic vision for the Magic Eden’s security organization and oversee all corporate and IT security
- Partner across Magic Eden to ensure that security is designed into our products and processes from inception.
- Develop and strengthen risk and compliance programs at Magic Eden
- Expand Magic Eden’s security initiatives around threat modeling, monitoring, response to threats, security architecture, design reviews, and secure software development life cycle (SDLC)
- Implement and maintain bug bounty programs and penetration testing
- Define and execute Magic Eden’s IT vision for global hiring
- Define, maintain, and enforce security policies.
- You have the ability to thrive in a dynamic, fast-paced, collaborative, and high-growth environment
- Have applied knowledge of security concerns with application architecture, networking, operating systems, configuration management, and cloud services.
- Understanding of cloud security technologies (e.g. IDS/IPS, VPC, DLP), identity management (e.g. SAML SSO, RBAC vs. ABAC) and AWS security tools (e.g. GuardDuty, Inspector, Security Hub) would be an added advantage.
- Startup and SaaS experience with a passion and desire to be hands-on.
- Hands on practical experience AWS/Cloud Security, network security, product security or security operations center (e.g. red vs. blue teams).
- Experience developing Information Security Management System programs (e.g. product security, vulnerability management, security operations center).
- Expertise in governance, risks and compliance frameworks or certifications such as SOC2 Type II, ISO 27001, 27017, 27018, 27701 and 27032.
- Experience defining data privacy and information security policies.
- Ability to move at a high velocity and go the extra mile making the right tradeoffs between speed and quality.
- Relevant security credentials or certification, e.g. CISSP, CCEP, CCSP, CISA.
- Prior experience in customer security areas, e.g. responding to customer security questionnaires, handling customer escalations, cyber security incidents, security researchers.
- Experience implementing IT systems in a cloud-first environment