Sr. Security & IT Engineer

About Us

Chorus One is  at the forefront of Proof-of-Stake networks and decentralized protocols, helping secure billions in assets for tens of thousands of customers and institutions worldwide. 

Our mission? To drive freedom and innovation through cutting-edge decentralized technologies.

We’re a global powerhouse of 75+ talented individuals from 25+ countries, united by a shared passion for excellence, radical transparency, and continuous growth. But it’s not just about results—we believe in treating each other with kindness and generosity while tackling some of the industry’s most exciting challenges.

If you’re ready to make an impact in a collaborative, high-energy team redefining the future of blockchain infrastructure, we want to hear from you!

Position Overview:

• Maintain and oversee the functionality of our ISO 27001 Framework and subsequent certifications arising from business needs, collaborating with teams and stakeholders to ensure successful implementation within a given timeline.

• Work with teams and stakeholders to develop, implement, and maintain information security policies, procedures, and standards to comply with business relevant security standards and frameworks (ISO 27001, SOC 2) as well as relevant legal and regulatory requirements.

• Coordinate vulnerability assessments and penetration tests on network systems and applications.

• Monitor and conduct internal audits of the system environment, policies and procedures. Develop and maintain timelines, roadmaps, and list of required tasks for various teams based on the outcomes.

• Analyze and report on security threats and incidents, triage resolution, and develop controls and strategies to mitigate those risks.

• Research and recommend security solutions to mitigate security risks and improve existing practices and technologies to align with the organization's risk tolerance and ensure regulatory compliance.

• Assist sales in responding to prospect and customer inquiries about Chorus One’s security and compliance posture.

• Administer security and awareness training for the team.

• Administer and configure our services such as Google Workspace, Slack, Bitwarden, Notion, and SSO integration between them, manage software licenses.

• Provide technical support to our employees and keep our internal knowledge base up to date.

• Provision laptops for new hires (Mac and Linux) and maintain an asset register of our corporate devices.

• Work with stakeholders to set processes and policies. For example, set up a BYOD policy, streamline our onboarding flow, etc.

• Adopt processes and tools to ensure that our corporate devices are secure, up to date, and free of malware.

• Researching, proposing, implementing, documenting, testing and supporting new solutions that make our internal IT easier to manage and secure.

• Streamline our retreats to make them inclusive for remote attendants, and manage the AV equipment and other hardware for this. Two times per year we meet physically to present and discuss company plans, but now that we’ve grown to more than 70 people, inevitably some people are unable to attend in person, so they dial in through a video call.