Visit our website Register with us

logo

View all jobs

Crypto Security & Risk Manager

Sofia, Sofia · Information Technology

Job Title: Crypto Security & Risk Manager
Location: Sofia, Bulgaria
Employment Type: Regular Full-Time (Hybrid: 3 days in-office)

Overview:
Are you ready to own the future of crypto security at scale? We're seeking a strategic and technically sharp Crypto Security and Risk Manager to serve as the key stakeholder in crypto operations security for our multi-asset brokerage platform. This is more than a support role—you’ll shape policy, define architecture standards, and embed risk controls from wallets and custody through to frontend architecture and operational integrations.

You’ll work closely with the Head of Exchange and Director of Product to ensure crypto security is integrated into every technical and operational decision across the organization. This role combines hands-on technical awareness with security governance, audit coordination, and regulatory compliance.

Key Responsibilities

Security Leadership:

  • Serve as the primary security point of contact for the crypto silo, covering exchange operations, custody, wallet flows, and internal tools

  • Contribute to platform design decisions and embed crypto security practices across development and operations

  • Define and implement secure workflows for key management, approvals, admin access, and privileged actions

Custody & Business Continuity:

  • Design secure custody solutions (MPC, key threshold logic, recovery protocols)

  • Represent crypto in Business Continuity and Disaster Recovery planning, ensuring resilient custody and asset access

Policy Ownership & Audit Coordination:

  • Own the Crypto Risk Policy and align it with enterprise standards and regulatory requirements

  • Coordinate internal and external audits covering policy, infrastructure, and operational security controls

Security Controls & Data Protection:

  • Define role-based access controls, escalation paths, and segregation of duties across crypto operations

  • Ensure proper handling of PII and mitigation of common threat vectors such as XSS, CSRF, injection, session hijacking, impersonation, and rate-based abuse

Monitoring & Incident Response:

  • Contribute to crypto-specific monitoring, alerting, and audit logging frameworks

  • Develop and execute incident response plans, including log analysis and forensic readiness

  • Manage SIEM tools to centralize logging and detect anomalies in crypto workflows

Governance & Risk:

  • Maintain and report on a crypto-specific operational risk register

  • Participate in internal risk and compliance committees, providing crypto-focused security insight

Requirements

  • Minimum 5 years in cybersecurity or DevSecOps, with at least 2 years in crypto exchanges, custody, or blockchain operations

  • Demonstrated expertise in custody models (MPC, HSM, multi-sig), blockchain risk, and wallet infrastructure

  • Experience with AWS and secure system integrations

  • Proven ability to coordinate audits, write policies, and support regulatory compliance (e.g. MiCA, DORA)

  • Excellent communication in English (C1+), with experience working cross-functionally

Preferred Qualifications

  • Experience with custody platforms such as Fireblocks or Qredo

  • Understanding of attack patterns in API and frontend architecture

  • Background in crypto-specific incident response or security investigations

  • Relevant certifications (e.g., CISSP, CISM, AWS Security, GCPN)

What’s in It for You

  • Competitive base salary plus uncapped quarterly bonus

  • Hybrid work model with 3 days per week in the office

  • Monday to Friday schedule with no weekend work

  • Additional health insurance for peace of mind

  • Food vouchers and fresh fruit in the office

  • On-site fitness center, sports card, and game room

  • Sponsored sports and wellness events

  • Annual budget for professional development, training, and certifications

  • Exclusive company discounts and employee initiatives

How to Apply

To apply, please send your CV in English. All applications will be treated with strict confidentiality. Only shortlisted candidates will be contacted.

InterContinental Recruiting Ltd. holds a recruitment license from the National Agency of Employment No 2087/22.07.2016.


InterContinental Recruiting

Please contact us with any questions:

Email: sofia@icrecruiting.eu 
Phone: (w) 359 2 811 1366
Recruitment license from National Agency of Employment No 2087/22.07.2016

Share This Job

Powered by