Head of Custody Security at Crypto.com

Madrid, Community of Madrid, Spain

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Cryptocurrency, Blockchain, FinTechIndustries

Requirements

At least 8 years of relevant experience in security assurance, audit, compliance, or cloud security engineering
Demonstrated experience testing and validating security controls across IAM, key management, and network/cloud environments
Strong understanding of Identity and Access Management (IAM) principles
Knowledge of cryptographic key management, HSMs, and KMS systems
Solid grasp of cloud and network security architecture and configuration
Proven experience supporting SOC 1, SOC 2, ISO 27001, PCI DSS, or similar external audits and assessments
Exposure to major cloud platforms (AWS, GCP, Azure) and infrastructure-as-code
Experience in preparing client assurance materials, RFP/RFI/DDQ responses, and evidence documentation
Familiarity with blockchain platforms or digital asset custody systems is advantageous
Can work independently and under pressure
Excellent verbal and written communication skills
Pragmatic and solution-oriented approach, ability to balance security requirements with operational feasibility and business needs

Responsibilities

Conduct, design, and implement testing of security controls covering identity management, key management, and infrastructure (network and cloud) configurations
Support client assurance activities, including responding to Requests for Proposals (RFPs), Requests for Information (RFIs), and Due Diligence Questionnaires (DDQs)
Identify and analyze trends in client inquiries and provide feedback to internal teams to improve documentation and control readiness
Perform security due diligence and ongoing monitoring for Web3/blockchain vendors, including assessing their control maturity, reviewing SOC reports and security documentation, and identifying residual risks
Facilitate external audit activities, including coordination of walkthroughs, evidence collection, and response tracking
Identify and analyze gaps in current and new processes, then develop and track remediation recommendations to completion (e.g., onboarding flow)
Develop and maintain understanding of applicable financial regulatory security requirements and ensure alignment of controls
Research and share information security best practices, emerging threats, and mitigation strategies with internal teams
Evaluate and propose next-generation security tools, automation, and technologies to enhance overall security posture
Review blockchain network or protocol upgrades for their potential security impact on the platform

Skills

Key technologies and capabilities for this role

IAMKey ManagementHSMsKMSCloud SecurityNetwork SecurityCryptographySOC 1SOC 2ISO 27001PCI DSSBlockchain SecurityWeb3AuditCompliance

Questions & Answers

Common questions about this position

What experience level is required for the Head of Custody Security role?

At least 8 years of relevant experience in security assurance, audit, compliance, or cloud security engineering is required.

What key technical skills are needed for this position?

The role requires demonstrated experience testing and validating security controls across IAM, key management, and network/cloud environments, strong understanding of IAM principles, knowledge of cryptographic key management, HSMs, and KMS systems, and solid grasp of cloud and network security architecture.

Is remote work an option for this job?

This information is not specified in the job description.

What is the salary or compensation for this role?

This information is not specified in the job description.

What soft skills or qualities make a strong candidate for this position?

Candidates should be able to work independently and under pressure, have excellent verbal and written communication skills, and demonstrate a pragmatic and solution-oriented approach that balances security with operational and business needs.

Crypto.com

Cryptocurrency trading and financial services platform

About Crypto.com

Crypto.com provides a platform for trading and managing cryptocurrencies, catering to over 100 million customers worldwide. Users can buy, sell, and store various cryptocurrencies while benefiting from services like transaction processing and card issuance. The platform generates revenue primarily through transaction fees and premium services, ensuring a secure and user-friendly experience. What sets Crypto.com apart from its competitors is its strong focus on regulatory compliance, security, and privacy certifications, which builds trust among users. The company's goal is to accelerate cryptocurrency adoption, aiming to have 'Cryptocurrency in Every Wallet™' and to support builders and entrepreneurs in creating a more equitable digital ecosystem.

Central and Western District, Hong KongHeadquarters

2016Year Founded

$24.3MTotal Funding

SERIES_ACompany Stage

Fintech, Crypto & Web3Industries

5,001-10,000Employees

Benefits

Competitive compensation package.

Huge responsibilities from Day 1: Be the owner of your own learning curve. The possibilities are limitless and depend on you

International company and team

Risks

Regulatory challenges in South Korea could pose compliance risks.

Integration of traditional financial instruments may expose new regulatory risks.

Expansion into Dubai involves navigating complex regulatory landscapes.

Differentiation

Crypto.com offers the world's largest crypto card program with Visa.

The company integrates traditional finance with crypto through strategic acquisitions.

Crypto.com is a leader in regulatory compliance, security, and privacy certifications.

Upsides

Acquisition of Orion expands product offerings in the UAE's crypto-friendly environment.

Growing interest in crypto-based loyalty programs enhances Visa card offerings.

Eco-friendly blockchain solutions align with Crypto.com's sustainability goals.

Land your dream remote job 3x faster with AI

Try Jobo Free