[Remote] Security Specialist – Web3 / SaaS / DeFi | Fully Remote

Note: The job is a remote job and is open to candidates in USA. Spectrum Search is a rapidly growing organization focused on democratizing access to next-gen finance and technology through a pioneering SaaS platform. They are seeking a Security Specialist to enhance their operational security frameworks, ensuring the confidentiality, integrity, and availability of systems and customer assets across their infrastructure. Responsibilities • Monitor, investigate, and respond to security events across systems, cloud platforms, and internal tools • Deploy and manage security tools: SIEM, IDS/IPS, endpoint protection, vulnerability scanners, logging infrastructure • Conduct vulnerability assessments and coordinate remediation • Maintain secure configuration baselines across infrastructure and cloud services • Enforce Data Loss Prevention (DLP) policies and monitor data movement across environments • Map internal and external data flows across APIs, systems, and SaaS applications • Secure cloud environments (AWS preferred), including encryption strategies and cloud-native tools • Manage network segmentation, access policies, and secrets management • Support GDPR, SOC 2, ISO 27001, and crypto-specific compliance • Maintain and enforce internal security policies and procedures • Collaborate with privacy and governance teams to align frameworks • Lead access control practices including IAM, RBAC, least-privilege models, MFA, and anomaly detection • Conduct access audits and privilege reviews • Maintain robust audit logging and behavioural monitoring • Deliver training, simulations, and awareness programs • Run phishing and social engineering prevention initiatives • Lead the full incident response lifecycle: detection through post-mortem • Maintain and iterate incident playbooks and run regular tabletop exercises • Partner with engineering to embed security into product development • Conduct security reviews, code analysis, and threat modelling Skills • 3+ years of experience in cybersecurity, information security, or security operations • Proficiency in Data Loss Prevention (DLP) and data classification tools • Strong data flow mapping capabilities • Solid cloud security expertise (AWS preferred) • In-depth understanding of IAM, RBAC, MFA, and security monitoring • Experience with SIEM tools, endpoint protection, and vulnerability management • Incident response expertise and knowledge of common threat models (e.g., MITRE ATT&CK) • Familiarity with GDPR, SOC 2, or other data protection regulations • Clear communicator able to bridge technical and non-technical stakeholders • Background in fintech, blockchain, or DeFi • Knowledge of cryptography, wallets, smart contracts, or key management • Security certifications (e.g., Security+, OSCP, GCIH, CCSP) • Scripting experience for automating security processes • Exposure to ISO 27001 or SOC 2 Type II frameworks Benefits • Flexible 40-hour workweek • Unlimited paid time off • Remote-first culture – work from anywhere • Team off-sites and international events Company Overview • We help the world’s most ambitious Web3 companies hire the talent they need to scale. Fast. It was founded in 2018, and is headquartered in London, England, GB, with a workforce of 11-50 employees. Its website is Apply tot his job