Security Engineer

About WSPN

WSPN (Worldwide Stable Payment Network) is building a global decentralized payment ecosystem that bridges the gap between traditional finance and blockchain-powered infrastructures. We offer cutting-edge payment and stablecoin solutions that enable fast, secure, and compliant global transactions across Web3 and traditional markets. As a fast-growing fintech innovator, we are looking for a Security Engineer to help shape the foundation of our security architecture and protect our rapidly evolving multi-chain and cross-border financial ecosystem.

What You'll Be Doing

. Design, implement, and manage secure system architectures and security-first infrastructure across both on-chain and off-chain components.

. Define and enforce security policies, standards, and procedures that meet regulatory requirements.

. Lead threat modeling, risk assessments, and security reviews for both internal systems and external integrations (e.g., stablecoin issuers, custody providers, DeFi protocols).

. Monitor, respond to, and investigate security incidents and vulnerabilities conduct root cause analysis and incident resolution. . Automate security operations and integrate security tools into our CI/CD pipelines and blockchain transaction systems.

. Collaborate with DevOps and blockchain engineers to build secure and efficient infrastructure using Infrastructure-as-Code (e.g., Terraform, Ansible).

. Participate in penetration testing, red/purple teaming exercises, and conduct regular audits for both Web2 and Web3 components. . Actively contribute to internal security reviews, architecture boards, and cross-functional engineering decisions.

What We're Looking For

. Proven experience in application and infrastructure security, ideally in fintech, crypto, or DeFi environments.

. Deep understanding of public cloud environments (e.g., AWSand hands-on experience in hardening cloud-native architectures.

. Familiarity with blockchain ecosystems and crypto protocols experience securing smart contracts and wallets is a plus.

. Experience with security tooling like DefectDojo, SIEM, IDS/IPS, container security, and endpoint protection.

. Familiarity with DevSecOps practices, CI/CD pipelines, and Infrastructure-as-Code.

. Ability to perform detailed threat modeling and assess security posture of new features or partnerships.

. Strong communication skills and the ability to work across teams in a fast-paced, distributed environment.

Bonus Points

. Certifications: OSCP, CISSP, CDPSE, CEH, GSEC, or equivalent.

. Experience working with security/compliance frameworks such as ISO 27001, SOC 2, GDPR, or MAS TRM.

. Prior experience in security audits, vulnerability management, and crypto custody solutions.

. Exposure to regulatory tech, payment networks, or stablecoin platforms is highly advantageous.