Join Affinidi and be part of the future of identity: secure, portable and controlled by the individual.
Affinidi empowers individuals and organisations with ownership and control of their verifiable data, to unlock value across borders and platforms.
Leveraging on the building blocks that Affinidi provides, trusted institutions and entities can issue verifiable credentials to customers, which can in turn be shared with other applications to access services in an open and interoperable ecosystem.
Currently undergoing development are three applications that leverage Affinidi’s technology: Safe Travel initiative, a digital medical credentials ecosystem to safely open up international air travel; Trustana, a curated B2B marketplace and trade platform connecting verifiable, international partners for seamless cross-border trade; and Good Worker, an online job matching platform for seasonal workers and employers in India.
Affinidi, along with the applications Trustana and Good Worker, are seeded by Temasek, a global investment company headquartered in Singapore.
We are building a motivated and entrepreneurial team who is passionate about identity, decentralization and technology to make this happen.
What you’ll do
- You will design infrastructure and drive its implementation to secure & protect Affinidi network and connected systems
- You will apply and share your expertise in compliant cloud management of PII and other information transacted through and/or persisted in Affinidi ecosystem
- You will collaborate with teammates & partners to maintain and continually improve our existing distributed and decentralized security tools, processes using modern software engineering practices
- You will learn and apply Cybersecurity best practices to Affinidi infrastructure and the entity
- You will apply and develop continuing expertise in cryptography and encryption schemes
- You will conduct security reviews of core corporate and production infrastructure.
- You will respond to security incidents and perform digital forensic investigation.
- You will organize and run Penetration testing, actively hunt and search for indicators and/or signs of external attackers and define new detection rules or improve existing ones.
- You will define IOCs based on past attacks and external threat intelligence feeds.
- You will develop and leverage Threat Intelligence Platform for cybersecurity at scale.
- You will develop Tactical and Operational Intelligence.
- You will develop and maintain Security Operations playbooks and standard operating procedures for a distributed scaled system as it evolves.
You Should Apply if
- You have vast experience in Security Engineering, Intrusion Detection, DFIR and/or Threat Hunting. Including experience as DevSecOps Engineer (Cloud & Data Security, Privacy, Regulatory compliance and Infra as code automation for Security)
- You have experience in regulatory compliance and Infra as code automation for Security
- You have experience with library and API design
- You have a high level understanding of common cryptographic vulnerabilities
- You have proficiency with Linux and Git
- You have strong debugging skills and/or experience with reverse engineering
- You have a good understanding of NIST/OWASP Security standards and/or TTPs and the ATT&CK Framework.
- You have an in-depth knowledge of how operating systems work and how to detect malicious activity.
- You have experience configuring & managing operations within a cloud solution environment, Cloud & Data security
- You have experience with threat-modelling for distributed systems and Linux computer forensics w/ memory analysis.
- You are comfortable working on-call when required
- You have great communication skills. We highly encourage all engineers to get regular face-time with customers, to write company blog posts about their accomplishments, and to deliver presentations to the technical community.
- You will work in an exciting startup environment where you can be autonomous and try new things
Bonus Points if
- You have experience with blockchain protocols, smart-contract security, and/or DID ecosystem (eth, BTC, sovrin, hyperledger, etc.)
- You have experience with decentralized storage
- You have experience with a Threat Intelligence Platform
- Remote-first company
- Unlimited vacations and sick-leaves 😍
- Extended Medical Insurance
- Learning budget — $1000 per year
- Home Battle-station allowance — $300
- Co-working space of your choice — if you are bored to work from home or haven’t bought your ticket to Bali yet 😊
- Face-to-Face teambuildings: we expect to have at least 1 per quarter
Here is the interview process for this role:
- 30m interview with one of our Talent Team or Recruitment Partners
- 1.5h Technical Assessment with one of our Security Engineers or CTO
- 1 final interview with the Hiring Manager
We can be flexible with the structure if someone’s circumstances or timescales require it for good reason, just let us know!
Please reach out if you have any specific requirements so we can be as accommodating as possible for you.
Equal Opportunity Statement
Affinidi embraces diversity in all of its forms and fosters an inclusive environment for all people to do the best work of their lives with us.
We’re an equal opportunity employer. All applicants will be considered for employment without attention to ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity status or disability status.