Security Engineer Lisboa

Overview

As a Senior Security Engineer at kpk, you’ll be responsible for developing and implementing security strategies and controls across our infrastructure, smart contracts, operational systems, and financial tooling. This is a
- functional role that sits at the intersection of Engineering, Operations, and Financial Product, with an impact across the entire organisation. You’ll collaborate closely with internal teams to proactively identify vulnerabilities, mitigate risks, and foster a
- first mindset across the organisation. This is an opportunity to have a direct impact on the resilience and trustworthiness of our systems in both Web2 and Web3 environments, ensuring
-
- end security across all domains at kpk.

Responsibilities

• Security Strategy & Governance: Design and implement security frameworks tailored to Web3/De
  Fi environments.
• Develop and enforce cybersecurity policies across departments; drive compliance with industry security standards and best practices.
• Advise leadership on risk posture and security roadmaps.
• Smart Contract & Protocol Security: Conduct audits and reviews of smart contracts and protocol integrations; collaborate with developers to embed secure coding practices; research and integrate
  - chain monitoring and anomaly detection tools; stay up to date on De
  Fi exploits, attack vectors, and tooling.
• Operational Security (Op
  Sec): Assess and mitigate risks across cloud infrastructure, validators, nodes, and custodial tools; establish robust access controls and identity management protocols; lead incident response and develop response playbooks; monitor internal systems and respond to security events.
• Infrastructure & Dev
  Sec
  Ops: Partner with the OE Engineer on the implementation of Dev
  Sec
  Ops practices; secure
  - sig wallets, internal tools, and
  - party integrations; ensure security across CI/CD pipelines and deployment environments; enhance authentication (MFA, RBAC, secure key storage).
• Education & Culture: Lead internal training sessions and security awareness initiatives; create clear documentation on security practices and guidelines; build a
  - first culture across Engineering, Operations, and Financial Product teams.
• Threat Intelligence & Collaboration: Deploy monitoring tools and conduct proactive threat hunting; engage with ethical hackers, bug bounty platforms, and the Web3 security community; perform root cause analysis and
  - mortems of incidents.

Why Join Us?

• Flexible Working Hours: We understand that life happens. You can create a schedule that works best for you!
• Remote Work: Work from anywhere! Whether you’re at the beach or your cosy home office, we want you to be comfortable.
• Learning & Growth: We offer continuous opportunities for professional development to help you stay ahead in this
  - paced industry!
• Innovative Projects: Get involved in groundbreaking projects in the De
  Fi space. Your work will directly impact the future of financial services.
• Supportive Culture: Join a team that celebrates diversity and encourages open communication. We believe in lifting each other up!

About Us

Market leaders in
- chain asset management, kpk helps organisations grow their digital assets responsibly and sustainably. We-'re scaling De
Fi through active treasury management solutions and products, all built on top of our
- custodial technology stack.

Requirements

• Proven experience in security engineering, ideally in a Web3, De
  Fi or blockchain environment.
• Strong understanding of Web2 infrastructure and cloud security (e. g. , AWS, GCP).
• Familiarity with smart contract vulnerabilities and best practices.
• Hands-on experience with threat detection, response tools, and security automation.
• Collaborative mindset and strong communication skills.
• Abide by our values.