We're making the world of digital assets accessible and secure for everyone.
Join the mission.
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 15% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 5 millions units already sold in 180 countries.
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Have a look at our Origins video here.
To sustain our growth, you will take a lead role in the continued innovation of Ledger’s Cyber Security strategy by defining, conveying and embedding security best practices within Ledger’s architectural, change and technical communities.
Reporting to the Head of Security Change and Assurance, you will be a key member of the Cyber Security/Information Security team and will be relied upon by the architecture, infrastructure and platforms teams to play a key role in ensuring fast, efficient, secure delivery of change programmes.
Your key interfaces in this role would be: our Head of Security Change and Assurance but also Enterprise Security Architect, Solutions Architects, risk department, Business and Project sponsors and Product Owners.
Your overall mission will be as follow:
* Embed a culture of security within Ledger’s wider community of Architects, SMEs and change teams in an accountable, efficient and proactive manner
* Understand emerging and existing security technologies and introduce them to the overall environment
* Design, develop, and implement security controls and tools that improve the defence of Ledgers internet services infrastructure and applications
* Collaborate with Ledgers security teams to enhance and refine the processes and frameworks used in improving Ledgers security posture
* Be a passionate and enthusiastic defender of Ledger’s information assets
Your mission
Execution of the Security Strategy and assists development of its key artefacts including security standards, patterns and technical specificationsConduct threat modelling, develop requirements and provide risk based assessment of gaps as well as suggesting attendant mitigating controlsWork multi-functionally with teams throughout Ledger on technology and initiatives to enhance security and best practices of product and service teamsProvide direction in industry wide security technologies, standards and emergent concepts, for example: OAUTH2/OIDC, SAML, Kerberos, KMIP, FIPS, Immutability, DevSec Ops etcProvide technical expertise in the enhancement of Ledger’s security management capabilities: Vulnerability Management, Logging and Alerting, Code Analysis, ComplianceDevelop production infrastructure fixes to complex vulnerabilitiesBe a technical Manager responsible for helping secure LedgerWhat we’re looking for
Bachelor’s degree in engineering, computer science, information security, or information systems, however equivalent experience in a relevant field will be valued just as stronglySignificant Information Security / Cyber Security experience ideally with financial services exposurePrevious experience working with distributed, dynamic, highly scalable and available architecturesStrong understanding of software assurance methodologies and technologies, such as secure coding standards, static and dynamic analysis, SDLC and DevSecOpsDemonstrable familiarity with cloud architectures and controlsStrong multi OS experienceAbility to pivot between the key security domains and communicate effectively with technical experts in those areasAbility to handle complex projects and competing priorities in a fast paced environmentDemonstrable experience in persuading and communicating effectively with a broad spectrum of business stakeholdersRelevant Certification such as: CISSP, CCSPNice to have: SABSA, OSCP, TOGAF, Cloud Architect certificationsWhat’s in it for you?
Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow. Flexibility: A hybrid work policy.Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinksMedical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage. Well-being: Personal development, coaching & fitness with our dedicated partners.Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.High tech: Access to high performance office equipment and gadgets, including Apple products. Transport: Ledger reimburses part of your preferred means of transportation. Discounts: Employee discount on all our products.We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.