Kerja Sepenuh Masa, Web3 Security Lead di OpenEden Federal Territory - Maukerja

About OpenEden 

OpenEden operates a leading real-world asset (RWA) tokenization platform, renowned for its unmatched focus on regulatory standards and advanced financial technology. Founded in 2022, OpenEden bridges traditional and decentralized finance by providing, through its regulated entities in Bermuda and the BVI, secure, transparent, and compliant on-chain access to tokenized RWA. OpenEden is tokenizing global finance with a core focus on compliance and innovation. 

About the Role 

As the Web3 Security Lead, you will be responsible for helping secure OpenEden’s blockchain infrastructure, smart contracts, wallets, custody environment, and digital asset operations, while also supporting broader cybersecurity initiatives across the company. 

You will work closely with Engineering, Product, Operations, Risk, Compliance, IT, and external security partners to ensure security is embedded into our products, systems, and operational processes. 

This role is ideal for someone who currently handles Web3 security across private and/or public chains, understands traditional cybersecurity models and frameworks, and is excited about building secure institutional-grade digital asset infrastructure. 

What You’ll Be Doing 

Build, Monitor and Secure 

• Own and continuously improve the Company’s Web3 security posture across: (i) Web3 development operations, (ii) wallet and multi-sig structures, (iii) wallet governance, (iv) key management and transaction controls, and (v) protocol integrations. 
• Continually assess and improve logging, monitoring, vulnerability management, operational security controls, and incident response processes across AWS and production environments. 
• Review and strengthen transaction approval flows, signer governance, operational wallet security, contract permissions, and privileged access controls. 
• Own the implementation of appropriate security controls and risk mitigation across the Company’s new Web3 products, tokenised structures and blockchain/protocol integrations 
• Work with Web3 security vendors and monitoring platforms e.g. blockaid, hypernative, etc. 
• Support detection, investigation, containment, and remediation of security incidents across both Web2 and Web3 environments. 
• Monitor and respond to on-chain threats, suspicious activity, and security incidents. 

Support and Assist 

• Support Web3 audit/regulatory readiness through the coordination of smart contract audits and remediation activities. 
• Perform security reviews and ongoing assessments of vendors, custodians, exchanges, protocols, and third-party technology providers. 
• Provide cross functional support in relation to technology risk assessments, operational resilience exercises, security reporting activities 
• Support security across cloud infrastructure, applications, identity/access management, endpoints, and internal systems. 

What We’re Looking For 

• 5+ years in security, including 2+ years in blockchain, digital assets, smart contract, custody, or Web3 infrastructure security.
• Strong understanding of smart contracts, wallets, custody, multisigs, blockchain infrastructure, and common Web3 attack vectors. 
• Experience supporting broader cybersecurity functions such as cloud security, infrastructure security, vulnerability management, or incident response is a plus. 
• Familiarity with Web3 security and monitoring tools such as Hypernative, Blockaid, Chainalysis, Fireblocks, BitGo, SAFE, or similar platforms. 
• Experience with Ethereum, EVM ecosystems, stablecoins, tokenized assets, custody infrastructure, or institutional digital asset platforms is preferred. 
• Experience working with cloud environments such as AWS and modern SaaS environments. 
• Strong communication and stakeholder management skills. 
• Ability to work in a fast-moving and collaborative environment. 

Nice to Have 

• Experience working with auditors, regulators, institutional clients, or risk teams. 
• Relevant security certifications  e.g. CISA, CISSP, CISM etc.