Senior Security Engineer Digital Asset Custody / Crypto Security Engineer

Amazon.com, Inc.
Denver, United States of America
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 167K

Job location

Denver, United States of America

Tech stack

Artificial Intelligence
Architectural Patterns
Computer Security
Digital Assets
Disaster Recovery
Distributed Systems
Fault Tolerance
Fuzz Testing
Hardware Security Module
Python
Key Management
Laravel
Node.js
Blockchain
Software Engineering
Tokenization
Management of Software Versions
Ripple (payment Protocol)
Web3.js

Job description

Sr Security Engineer focusing on security and custody architecture to serve as the technical authority for Crypto Custody engineering with deep ownership of key management custody security architecture and risk posture across Firms digital asset platforms This is a hands on high impact individual contributor role The Lead Engineer sets technical direction defines custody architecture and owns critical design decisions across HSMs MPC key storage policy enforcement disaster recovery and incident response This role requires strong engineering judgment in high risk high trust environments and the ability to operate with autonomy while influencing teams architects security and leadership. What This Engineer Will Do

  • Custody Key Management Cryptographic Architecture
  • Design implement and evolve institutional grade key management architectures including
  • Hardware Security Modules HSMs
  • Multi Party Computation MPC
  • Secure key generation storage rotation signing and recovery
  • Define clear trade offs and architectural patterns across hot wallet warm wallet and cold storage models
  • Ensure cryptographic designs align with regulatory security and audit expectations
  • Partner closely with Cybersecurity and Risk to embed defense in depth and zero trust principles into custody design
  • Custody Policy Engine Governance
  • Lead the design of the Custody Policy Engine governing
  • Authorization approvals limits and segregation of duties
  • Transaction controls and exception handling
  • Policy versioning auditability and enforceability
  • Ensure policies are code driven deterministic observable and testable
  • Translate business legal and risk requirements into clear enforceable technical controls
  • Serve as a trusted technical advisor on custody governance topics
  • Disaster Recovery Resilience Incident Ownership
  • Own custody specific disaster recovery strategies including key recovery quorum loss scenarios and chain events
  • Author and maintain incident response and recovery runbooks for custody related failures or security events
  • Partner with Operations Security and SRE to ensure practicable tested recovery procedures
  • Lead post incident technical analysis root cause reviews and long term remediation strategies
  • Overall Custody Architecture Risk Posture
  • Act as the custody architecture authority ensuring consistency across wallets blockchains environments and platforms
  • Identify architectural and operational risks early propose mitigation strategies with clear trade offs
  • Ensure custody designs scale across assets chains and future tokenized products
  • Influence enterprise standards by raising the bar on security resilience and technical rigor
  • AI Augmented Engineering Excellence
  • Leverage GenAI and agentic AI tools to accelerate architecture design threat modeling documentation testing and reviews
  • Set expectations for AI assisted engineering rigorspeed with correctness not shortcuts
  • Partner with engineering teams to raise architecture code and documentation quality across custody components

Requirements

  • 10 years of software engineering experience with deep specialization in security sensitive or cryptographic systems
  • Strong hands on experience with HSMs MPC frameworks and secure key management systems
  • Experience with Web3 Security tooling such as Slither Mythril Foundry Fuzzing
  • Experience with common cryptography implementation languages such as C C Rust Go
  • Experience with collaborating with security auditors Ex Trail of bits halborn
  • Proven ability to design systems where failure has material risk implications
  • Strong grounding in distributed systems secure architectures and fault tolerant design
  • Track record of acting as a technical authority without formal people management

Strongly Preferred

  • Experience with crypto custody digital asset platforms or blockchain infrastructure
  • Prior ownership of incident response DR design or security runbooks
  • Ability to articulate risk based trade offs clearly to technical and non technical stakeholders
  • Systems thinker who connects technology security policy and operations
  • Comfortable challenging assumptions and raising concerns early in high stakes environments
  • Experience applying AI tools to complex engineering workflows
  • What Success Looks Like
  • Custody key management and policy systems are secure resilient auditable and trusted
  • Failure modes are well understood modeled and operationally prepared for
  • Incidents are handled with clarity speed

Skills Mandatory Skills : IPFS, Laravel, Node.js, Python, Ripple

Apply for this position