
Kind Fintech • 3h ago
Naukri
Security Architect
Remote
Senior Level
Qualifications & Requirements
Experience Level: Senior Level
Full Job Description
Security Architect (Web3 + Infrastructure)
Kind Fintech is seeking a highly skilled Security Architect to lead the design and implementation of robust security measures across our entire Web3 and infrastructure ecosystem. This is a pivotal, foundational role where you will collaborate directly with our founders and engineering teams to embed security by design into all our products before development even begins. You will be instrumental in shaping the security posture of our innovative financial technology solutions.
Key Responsibilities
Security Architecture (Primary Focus)
- Design comprehensive end-to-end security architectures for all new products prior to development.
- Define critical trust boundaries, identify potential attack surfaces, and develop detailed threat models.
- Conduct thorough reviews of all system architectures, encompassing backend infrastructure, on-chain programs, and APIs.
Threat Modeling & Risk Analysis
- Employ structured threat modeling methodologies (e.g., STRIDE) to identify and analyze potential security risks.
- Assess and mitigate risks across smart contracts (Solana programs), APIs and backend systems, and wallet interactions/signing flows.
- Maintain and update living threat models to reflect evolving product landscapes.
Smart Contract Security (Solana Expertise)
- Establish secure design patterns for Solana programs, focusing on PDA authority management, upgradeability versus immutability, and access control/permissions.
- Review smart contract logic both before and during the development lifecycle.
- Collaborate closely with Rust engineers to ensure secure implementation of on-chain programs.
Key Management & Access Control
- Design secure systems for multisig solutions (e.g., Squads), treasury management, and administrative privileges.
- Define clear policies for hot and cold wallet management.
- Ensure the secure handling of signing flows and the operation of relayers.
Infrastructure & Backend Security
- Architect security for APIs, including rate limiting, authentication, and abuse prevention.
- Ensure the security of AWS/cloud environments.
- Securely integrate with RPC providers such as Helius and Triton.
- Define and enforce best practices for secrets management, database security, and CI/CD pipelines.
Economic & Protocol Security (Critical)
- Identify and mitigate risks associated with MEV/front-running, liquidity manipulation, wash trading/incentive abuse, and oracle manipulation.
- Partner with the product team to design incentive systems that are inherently resistant to attack.
Audit & External Security Management
- Lead the coordination and engagement with external security audit firms.
- Review audit reports, ensure thorough remediation of identified vulnerabilities, and validate fixes before deployment.
Security Standards & Internal Framework Development
- Develop and maintain the Kind Security Standard (KSS).
- Create reusable security frameworks applicable across various products, including KindSwap, our Wallet, Prediction Markets, and APIs.
Incident Preparedness
- Design and implement emergency controls such as pause mechanisms and circuit breakers.
- Establish robust incident response processes.
- Define a comprehensive monitoring and alerting strategy to detect and respond to security events.
Required Experience
Must-Haves (Non-Negotiable)
- 3-8+ years of experience in security architecture, application security, or DevSecOps.
- Proven experience with Web3/blockchain security, ideally with Solana or Ethereum.
- A strong understanding of smart contract vulnerabilities, key management systems, and API/backend security.
- Demonstrated experience in threat modeling and system design.
Strongly Preferred
- Hands-on experience with the Solana ecosystem (Rust, Anchor, PDAs).
- Previous work on DeFi protocols, DEX/AMM/aggregators, or trading/financial systems.
Posted on Naukri