Senior Product Security Engineer / Architect [Lausanne]
Taurus Sa
Lausanne, Switzerland
6 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Shift work Languages
English Experience level
SeniorJob location
Remote
Lausanne, Switzerland
Tech stack
Kubernetes Security
Amazon Web Services (AWS)
Business Logic
Software System Penetration Testing
Azure
C++
Cloud Computing Security
Code Review
Computer Security
Federal Information Processing Standards (FIPS)
Fuzz Testing
Hardware Security Module
Identity and Access Management
Python
Key Management
Open Source Technology
Public Key Infrastructure
X.509
Blockchain
RSA (Cryptosystem)
TypeScript
Software Vulnerability Management
Policy as Code
Transport Layer Security
Software Security
Kubernetes
Information Technology
Go
Job description
- Own product security for all applicable digital asset products: Taurus-PROTECT, Taurus-CAPITAL, Taurus-EXPLORER and Taurus-NETWORK. Contribute to financial services product security.
- Contribute to security architecture for HSMs, confidential computing, MPC, and cryptographic systems
- Perform security reviews of application code, cryptographic workflows, smart contracts, HSM integrations, and enclave-based components
- Model threats of new features and review architectural designs before release
- Lead and review penetration tests, reproduce findings, and validate remediation plans
- Build and own the automation that enforces security guardrails - across CI/CD pipelines, software supply chains, Kubernetes environments, and deployment platforms
- Pair with product engineering teams to design and ship fixes, not just file findings
- Review authorization models, privilege management, identity integrations, and operational access controls
- Support incident response, vulnerability management, and security investigations
- Support client audits, RFPs, security workshops, and regulatory discussions
- Translate regulatory and compliance requirements into practical technical controls
- Monitor security news and trends; identify potential impact on products and ensure timely application of corrective actions
Requirements
Do you want to be part of a new entrepreneurial adventure and help build the next global FinTech, then we might just have the job for you., * Master or PhD in computer sciences, IT security engineering or cryptography
- 7+ years in application security, product security, offensive security, or security engineering
- Background in security-critical environments - financial services, payments, identity, custody, embedded systems, or regulated platforms
- Fluent written and spoken English, * Strong security code review experience in at least two of: Go, C/C++, TypeScript, Python
- Threat modeling, secure design reviews, and penetration testing
- Ability to identify business logic flaws, authorization issues, cryptographic misuse, and complex attack paths
Cryptography & key management:
- Strong applied-cryptography foundation: PKI, TLS, X.509; AES, RSA, ECDSA, EdDSA; key management and key ceremonies; secure key storage and signing workflows
- Experience with HSM technologies and PKCS#11 environments
Infrastructure & cloud security:
- Strong Kubernetes and container security experience
- Familiarity with cloud IAM, workload identity, secrets management, and policy-as-code
- A builder's mindset - you implement security controls, not only review them
Secure hardware & confidential computing:
- Experience with one or more of: Thales / Luna HSM, AWS CloudHSM, Azure Managed HSM, Intel SGX, AMD SEV-SNP, AWS Nitro Enclaves, Azure Confidential Computing
Client & communication skills:
- Comfortable engaging security teams, auditors, regulators, enterprise clients, and prospect CISOs
- Able to explain complex security topics clearly and pragmatically
A strong plus
- Blockchain and smart contract security
- MPC and threshold signature systems
- Fuzzing and secure software testing
- Security compliance and regulatory frameworks (FINMA, DORA, MiCA, ISO 27001, SOC 2, FIPS 140-3)
- Public security research, CVEs, bug bounty experience, or open-source security contributions
- Experience supporting RFPs, security questionnaires, and customer due diligence
- Degree in Computer Science, Security, or equivalent practical experience
Benefits & conditions
- An opportunity to work at the intersection of digital assets and finance
- A skilled and experienced team, including world-renowned experts
- A fast-paced learning environment, entrepreneurial spirit and team spirit
- A great moment to join as the company grows and expands
- State-of-the-art technology and IT infrastructure
- Hybrid remote work and flexible working hours
- Fun team events
As the company evolves in a dynamic and innovative environment, its DNA is based on merit. As such, there will be significant growth opportunities for candidates with an open and deliver-oriented mindset. We are an equal opportunity employer.
About the company
Taurus is a FINMA-regulated securities firm, headquartered in Geneva, Switzerland, and providing digital asset trading and financial services to its clients. It is also a world-leading provider of digital asset infrastructure solutions to banks, corporations and private companies. Using blockchain technology, Taurus platform covers cryptocurrencies, tokenized securities, tokenized assets (such as NFTs), digital currencies, and stable coins.
We are looking for ambitious and driven individuals to support our fast global growth.