Overview
Aquent is collaborating with a leading financial services firm at the forefront of digital asset innovation. This firm is dedicated to building robust, secure, and scalable platforms that redefine how value is managed and exchanged in the digital economy. We are seeking a visionary and highly skilled technical authority in digital asset security. This is a pivotal, hands-on role where your expertise will directly shape the future of secure digital asset management, safeguarding critical infrastructure and driving innovation in a rapidly evolving landscape. You will be the technical backbone of the firm's groundbreaking digital asset custody strategy, ensuring that key management and policy systems are secure, resilient, auditable, and trusted. **The Opportunity** As a Lead Engineer in Digital Asset Custody, you will serve as the ultimate technical authority, taking deep ownership of key management, custody security architecture, and risk posture across the firm's digital asset platforms. This high-impact individual contributor role demands strong engineering judgment in high-risk, high-trust environments, operating with autonomy while influencing engineering teams, architects, security, and leadership. Your work will directly ensure incidents are handled with clarity, speed, and technical confidence, and that the custody architecture scales across assets, chains, and future tokenized products without erosion of risk posture. You will: * **Lead Custody Key Management & Cryptographic Architecture:** Design, implement, and evolve institutional-grade key management architectures, encompassing Hardware Security Modules (HSMs), Multi-Party Computation (MPC), and secure key generation, storage, rotation, signing, and recovery. You will define clear trade-offs and architectural patterns across hot, warm, and cold storage models, ensuring cryptographic designs align with regulatory, security, and audit expectations. Partner closely with cybersecurity and risk teams to embed defense-in-depth and zero-trust principles into custody design.
* **Drive Custody Policy Engine & Governance:** Lead the design of the Custody Policy Engine, governing authorization, approvals, limits, segregation of duties, transaction controls, and exception handling. You will ensure policies are code-driven, deterministic, observable, and testable, translating business, legal, and risk requirements into clear, enforceable technical controls, and serving as a trusted technical advisor on custody governance.
* **Own Disaster Recovery, Resilience & Incident Response:** Develop and maintain custody-specific disaster recovery strategies, including key recovery, quorum loss scenarios, and chain events. You will author and maintain incident response and recovery runbooks for custody-related failures or security events, partnering with operations, security, and site reliability engineering to ensure practicable, tested recovery procedures. Lead post-incident technical analysis, root cause reviews, and long-term remediation strategies.
* **Shape Overall Custody Architecture & Risk Posture:** Act as the custody architecture authority, ensuring consistency across wallets, blockchains, environments, and platforms. Identify architectural and operational risks early, proposing mitigation strategies with clear trade-offs. Ensure custody designs scale across assets, chains, and future tokenized products, influencing enterprise standards by raising the bar on security, resilience, and technical rigor.
* **Champion AI-Augmented Engineering Excellence:** Leverage generative AI and agentic AI tools to accelerate architecture design, threat modeling, documentation, testing, and reviews. Set expectations for AI-assisted engineering rigor-prioritizing speed with correctness, not shortcuts-and partner with engineering teams to raise architecture, code, and documentation quality across custody components. **Required Qualifications** * 10+ years of software engineering experience, with deep specialization in security-sensitive or cryptographic systems.
* Strong hands-on experience with Hardware Security Modules (HSMs), Multi-Party Computation (MPC) frameworks, and secure key management systems.
* Experience with Web3 Security tooling such as Slither, Mythril, Foundry Fuzzing.
* Experience with common cryptography implementation languages such as C, C++, Rust, Go.
* Experience collaborating with leading security auditors.
* Proven ability to design systems where failure has material risk implications.
* Strong grounding in distributed systems, secure architectures, and fault-tolerant design.
* Track record of acting as a technical authority without formal people management responsibilities. **What Sets You Apart** * Experience with digital asset custody, digital asset platforms, or blockchain infrastructure.
* Prior ownership of incident response, disaster recovery design, or security runbooks.
* Ability to articulate risk-based trade-offs clearly to technical and non-technical stakeholders.
* A systems thinker who connects technology, security, policy, and operations.
* Comfortable challenging assumptions and raising concerns early in high-stakes environments.
* Experience applying AI tools to complex engineering workflows. #LI-LP1 **About Aquent Talent** Aquent Talent connects the best talent in marketing, creative, and design with the world's biggest brands.
Our eligible talent get access to amazing benefits like subsidized health, vision, and dental plans, paid sick leave, and retirement plans with a match.
Aquent is an equal-opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. We're about creating an inclusive environment-one where different backgrounds, experiences, and perspectives are valued, and everyone can contribute, grow their careers, and thrive.
|
Skill
sick time
Jun 05, 2026