Who we are:
EMURGO is the official commercial and venture arm of the Cardano Blockchain, a smart contract platform with advanced security assurance - Currently Top 3 of decentralized smart contract platforms and Top 10 of all cryptocurrencies on CoinMarketCap.
As a founding member of the Cardano protocol, EMURGO develops, supports, and incubates commercial opportunities and helps integrate businesses into our blockchain system.
Our businesses include:
EMURGO Fintech develops the best mobile and wallet applications to interact with the Cardano blockchain to serve as a baseline platform for others to build upon
EMURGO Media has developed a social content platform with the Cardano community at its core and positioned for creation, curation, aggregation and monetization of the ecosystem projects and tools.
EMURGO Academy provides Cardano blockchain courses to students and developers looking to start, or transition to, a career in the blockchain industry, as well as executives and entrepreneurs seeking to understand how Cardano blockchain might augment their businesses.
EMURGO Ventures invests in Web3 initiatives, including DeFi and NFT projects, blockchain developer education tools, and other decentralized application projects, especially those with interoperability potential, as well as middleware solutions companies in developed markets.
EMURGO Africa is an investment vehicle that also provides hands-on acceleration and incubation programs, with $100m having been earmarked for investments in Africa, where a key growth driver in the region is the use of lending and borrowing crypto services for daily life.
Job Summary:
The Senior Information Security Analyst at EMURGO is responsible for overseeing the administrative, operational, and technical aspects of our security controls. This role ensures the availability, operation, maintenance, and security of EMURGO's computer systems, networks, and data, including both web2 and web3 systems. The analyst conducts risk assessments, evaluates security vulnerabilities, and monitors systems to identify and implement priority mitigations. Additionally, the role involves coordinating or supporting ad-hoc information security projects, developing security policies, and ensuring compliance with regulatory standards.
What You Will Be Doing:
Monitor and secure EMURGO's computer systems, networks, and data.
Serves as main IT security person responsible for supporting security initiatives in area of responsibility.
Oversee SIEM and vulnerability management platforms, and train technical teams.
Continuously monitor and report on the security status of EMURGO's technology systems.
Lead incident response efforts and maintain compliance with security standards.
Plan and conduct cybersecurity training and tabletop exercises.
Manage internal risk assessments and audits, and oversee external partner engagements.
Handle certificate management for secure system operations.
Evaluate and recommend security products and services, including budget estimates.
Maintain detailed records and contribute to developing security policies and procedures.
Plan and conduct internal risk assessments and audits. Serves as project manager for risk assessments and pen tests.
What You Bring to EMURGO:
Expertise in vulnerability management, risk assessment, and SIEM operations.
Broad knowledge of application, network and system security, including cloud environments.
Familiarity with blockchain security and smart contract audits.
Experience in leading incident response and managing security projects.
Proficiency in planning and executing audits and penetration tests.
Skills in creating and delivering security training and enforcing policies.
A proactive approach to staying updated on security threats and technologies.
Attention to detail and a collaborative approach to fostering a security culture.
Ability to align security initiatives with business objectives to support growth.
Technical Knowledge and Skills:
Thorough understanding of Information Security, including Vulnerability Management, Risk Assessment, Auditing, Response, and Compliance.
Extensive knowledge of networks, applications, cloud environments, and system administration.
Proficiency in using SIEM and vulnerability management tools.
Proficient in shell scripting and managing TCP/IP protocol stack applications, including Telnet/SSH, FTP (CRT), TFTP, DNS, DHCP.
Extensive experience with Microsoft Windows domain networks, firewall management, active directory federation services, multi-factor authentication, and VPN.
Expertise in wired and Wi-Fi networking, on-site and remote, integrating with cloud-based resources like Google Workspace and secure connections including SaaS and hosted applications.
Knowledgeable in data storage, backup and recovery management, and data center operations.
Deep understanding of Syslog and SIEM principles.
Expertise in operating systems such as Windows and Linux.
Proficiency with browsers like Chrome, Edge, and Mozilla.
Skilled in various monitoring and investigative tools such as vulnerability scanning, packet analysis, and forensic drive imaging.
Familiarity with multiple programming languages and command-line interface operations.
Awareness of regulatory and security standards, encryption technologies, and techniques.
Communication Skills:
Excellent written communication skills for preparing reports and composing technical documentation.
Strong interpersonal skills for effective interaction with co-workers, supervisors, managers, other EMURGO employees, vendors, consultants, and customers.
Ability to understand and train others on regulatory requirements, security standards, and EMURGO's policies, standards, procedures, and vulnerabilities related to technology and security.
Qualification and Experience:
Bachelor's degree in Information Security, Cybersecurity, Information Technology, Computer Science, Engineering, or a related field is required.
At least four years of experience in Information Security, including vulnerability management.
Preferred certifications: GSEC, Security+, CISM, CISSP.
Experience with blockchain technology is preferred.
Employment:
Employment is contingent upon passing a criminal convictions check, a local background check, and is subject to re-check every three years.