Senior Information Security Consultant

Description • Are you a seasoned information security professional with a passion for tackling complex, novel challenges at a global scale? World Foundation is seeking a highly skilled and motivated Senior Information Security Consultant to join our dedicated team. This is a unique opportunity for a hands-on, single contributor to play a pivotal role in safeguarding the integrity and security of a protocol designed to serve the majority of humanity. We are not looking for individuals who simply tick boxes; we need a strategic thinker who can approach security from first principles, developing innovative solutions for intricate, large-scale problems. • As a Senior Information Security Consultant, you will be instrumental in providing expert guidance and implementing robust security measures across our protocol and associated technologies. Your primary focus will be on ensuring the highest standards of security and privacy, contributing directly to the trust and reliability of a system with far-reaching implications. This role demands a deep understanding of modern security landscapes, a proactive approach to risk management, and the ability to translate complex technical concepts into actionable strategies. • You will collaborate closely with our protocol, engineering, and privacy teams, acting as a trusted advisor on security best practices. This will involve actively participating in the design and development phases, embedding security considerations from the outset to prevent vulnerabilities and ensure resilience. Your insights will be crucial in shaping the security posture of our initiatives, from initial concept through to deployment and ongoing operation. • A core part of your responsibility will be to lead comprehensive cybersecurity and IT risk assessments. This includes identifying potential threats, evaluating existing controls, and developing effective risk mitigation strategies and control plans. You will be expected to not only identify risks but also to propose and help implement practical, scalable solutions that align with our organizational goals and the unique demands of our global protocol. • Threat modeling will be a significant aspect of your work. You will conduct in-depth threat analyses, particularly focusing on crypto-related products and other technologies that leverage advanced cryptographic solutions. Your expertise in identifying potential attack vectors and recommending appropriate countermeasures will be vital in protecting sensitive data and ensuring the secure functioning of our systems. • You will also be responsible for developing and continuously improving our security standards and frameworks. This involves staying ahead of evolving threats and technological advancements, ensuring our security architecture remains robust and future-proof. Your contributions will help establish a comprehensive security governance model that meets the dynamic needs of World Foundation. • Monitoring and analyzing emerging security trends will be an ongoing duty. You will proactively research new vulnerabilities, attack methodologies, and security technologies, sharing your findings and insights with relevant stakeholders. This knowledge sharing is critical for maintaining a proactive and informed security stance across the organization. • Furthermore, you will play a key role in fostering a security-conscious culture by delivering tailored security training and awareness sessions. These sessions will be designed for various technical audiences, ensuring that all team members understand their role in maintaining security and are equipped with the knowledge to identify and report potential issues. • This is a remote position, offering the flexibility to work from anywhere while contributing to a mission that impacts a significant portion of the global population. If you are a self-starter, possess exceptional problem-solving skills, and are driven by the opportunity to make a tangible difference in the world of information security, we encourage you to apply. Requirements • Minimum of 6 years of hands-on experience in Product Security, Application Security, or Cloud Security. • Proven ability to provide technical guidance across cryptography, network design, application security, data protection, and identity and access management. • Proficiency in conducting code reviews and identifying security vulnerabilities. • Extensive experience securing modern AWS architectures and developing secure infrastructure-as-code (e.g., Terraform, AWS CDK). • Significant experience in leading threat modeling sessions and providing actionable guidance to engineering teams. • Experience in developing security governance frameworks and producing required security outputs. ️ Benefits • Fully remote work environment, offering flexibility and work-life balance. • Opportunity to work on a globally impactful project with significant societal implications. • Competitive compensation package commensurate with experience. • Professional development opportunities to stay at the forefront of information security. • Collaborative and innovative work culture focused on solving complex challenges.