Fridtjof Nansen crossed the Arctic, going places no human had ever been. Together with our users, we're doing the same onchain , and someone needs to make sure we don't get killed on the way there.

We're building the single best platform for onchain investing , agentic trading, staking infrastructure, AI-powered analytics , and we're scaling fast. Fast enough that security can't be an afterthought bolted on later. It has to be built in, from the start, by someone who knows what they're doing.

Our mission:

Surface the signal and create winners.

What you'll do at Nansen

You'll be the person who makes sure we can move fast without breaking things that matter. That means embedding security into everything we build , cloud infrastructure, applications, CI/CD pipelines, AI systems, staking operations , across a generalist role that spans the full surface area.

• Run security assessments across systems, architectures, and code , find the vulnerabilities before someone else does
• Advise engineering teams on secure design decisions. You're a partner, not a blocker
• Deploy and maintain security infrastructure: SIEM, vulnerability scanning, endpoint protection, logging , the things that let us sleep at night
• Secure our CI/CD pipelines and deployment workflows end-to-end
• Own secrets management, key management, and access controls. No shortcuts
• Address LLM security head-on: API key management, prompt injection prevention, and the risks that come with shipping AI-powered products at speed
• Coordinate penetration tests and security audits with external vendors
• Create and maintain secure coding guidelines and code review processes that engineers actually follow
• Represent the Security Team in the incident response process
• Drive compliance readiness , SOC 2, ISO 27001 , pragmatically, not bureaucratically

What we're looking for

• You've built and hardened production security at scale , you know the difference between a policy document and an actually secure system
• Strong cloud security knowledge (AWS, GCP or equivalent). Container security and network security fundamentals
• Hands-on experience implementing security tooling, not just evaluating it
• Secrets and key management expertise , you've managed this at a company where it actually mattered
• You understand the security implications of AI/LLM and agent-based systems. This is new territory and we need someone thinking about it seriously
• CI/CD pipeline security is second nature
• Pragmatic about compliance , you can get us to SOC 2 without drowning the engineering team in process
• You don't just use AI as a tool. You think with it. AI-first isn't a checkbox , it's how you work
• Strong async communication skills , we're remote-first, Slack-and-docs-heavy, and EMEA hours are preferred for team overlap
• Bonus: blockchain, smart contract, or staking infrastructure security experience. Kubernetes and Terraform security. Incident response or security operations background

What we offer our crew

• Competitive salary. Meaningful equity. Real ownership in what you build
• Fully remote with two no-meeting days a week , because deep work doesn't happen in a Google Meet
• Annual company retreat and team off-sites in one of our offices: Singapore, Bangkok, London, and Oslo , flights and accommodation covered
• Unlimited AI tokens , Claude, OpenAI, whatever helps you move fast
• Your own OpenClaw for work
• Nansen Pro account: giving you full access to the most detailed onchain data in the market
• A team that started as data engineers and data scientists that has grown to over 80 builders. Your craft is respected here.
• Speed, ownership, curiosity, courage. These aren't values on a wall , they're how we run.
• A front-row seat (and a hand in building) the next chapter of finance

XML job scraping automation by YubHub

In this role, you will establish and test security guardrails for code, cloud resources, and infrastructure components throughout the Anchorage platform. You will monitor and respond to security events and configuration anomalies across the organization, leading investigation and containment efforts. You will manage the full vulnerability lifecycle from discovery through remediation, tracking progress and ensuring timely closure of findings.

You will lead or substantially contribute to Security Operations initiatives with minimal oversight, coordinating across team boundaries to drive projects to completion. You will break complex security problems into manageable workstreams with accurate scope and time estimates. Present options clearly and provide well-reasoned priority recommendations.

Deliver assurance artifacts and evidence for regulated entity requirements, supporting audit and compliance efforts. Balance speed of response with thoroughness of investigation, adapting approach based on risk and business impact.

You will understand and help implement the company's security strategy by participating in planning and defining Security Operations goals in alignment with Anchorage Digital's overall objectives. Stay alert to emerging threats, vulnerabilities, and industry trends that could affect organizational security posture.

Consider security holistically across the product ecosystem,applications, infrastructure, and third-party integrations,while fostering a security-first culture. Collaborate cross-functionally with Engineering, Infrastructure, and Compliance teams to embed security into development and operational processes.

Share knowledge broadly across the team through documentation, runbooks, and post-incident reviews, preventing single points of failure. Partner with engineering teams to explain security risks and remediation approaches, translating technical findings into actionable guidance.

Collaborate across teams to review security configurations, triage findings, and engage in technical discussions. Communicate insights and recommendations clearly to improve processes. Demonstrate empathy by understanding others' context, priorities, and constraints,adapting communication style to maximize effectiveness with both technical and non-technical audiences.

XML job scraping automation by YubHub