Security & Compliance Lead

  • 🏛️Protocol Labs
  • 🏷️
  • 🌐
  • 📅9 days ago


About Protocol Labs

Protocol Labs drives breakthroughs in computing to push humanity forward. Protocol Labs is a product-development lab, but behind the protocols and tools we build, behind the research and implementations, are passionate people, teammates, and community members. Most teams in the Protocol Labs Network are fully distributed and work remotely around the world. Engineers, researchers, and operators work in the open to improve the internet — humanity's most important technology — as we explore new advances at the intersection of many exciting fields (crypto, networks, distributed systems) and cultures (startups, research, open-source, distributed work).

Security & Compliance Architect at Protocol Labs

We seek a senior security and compliance architect to develop and implement security best practices within our team while streamlining compliance and reducing risk across our network of teams.

The Security & Compliance Architect strengthens and protects our community by applying a deep knowledge of security best practices and a strategic understanding of the needs of decentralized communities. 

This may include conducting security audits of applications and software, supervising or directly managing systems, developing and delivering training, working with leads and developers to understand and strengthen security and compliance posture, crafting decentralized compliance incentive mechanisms, and more.

This role is about solving complicated business and security challenges, and requires both extensive leadership experience and hands-on technical competence. The ideal candidate will have a demonstrated ability to engage with a diverse group of stakeholders, identify and reconcile conflicting priorities, and generate lasting consensus. The ideal candidate will also have extensive experience configuring, managing, and auditing SaaS technology systems.

As a Security and Compliance Architect at Protocol Labs you will…

  • Provide information and operational security policy leadership and enablement within our team and across our decentralized community 
  • Generate consensus at senior organizational levels as well as across diverse technology-oriented communities
  • Apply first principles to transform legacy security best practices to meet the needs of decentralized and autonomous digital communities
  • Develop and implement policy controls in an open source software development company
  • Define, build, and maintain robust privacy, compliance, and security reporting tools and metrics for decision makers across the community
  • Develop security and policy-related educational and training materials for community audiences
  • Administer Google Vault and other SaaS policy management, data retention, and collection tools
  • Administer, secure, and audit SaaS systems including Google Workspace, Slack, Discord, Notion, Zoom, Github, Matrix, and others.

Bonus points...

  • Active participation in a DAO or related community governance model
  • Leadership or consulting experience in the web3/blockchain ecosystem
  • Professional security certification (CISM, CISSP, etc.)



What’s it like to work at Protocol Labs?
Protocol Labs' mission is to improve humanity’s most important technology, the Internet. We build protocols, systems, and tools to improve how it works. Today, we are focused on how we store, locate, and move information. Our projects include IPFS, Filecoin, libp2p, and more.
As a distributed team, we hire anywhere in the world, and at various levels of experience (entry, senior, staff). We look for people with unique perspectives and diverse backgrounds.
We have a great benefits package, including parental leave, contributions to your retirement, competitive pay, and unlimited time off. For U.S.-based employees, we also provide platinum-level health, dental, and vision coverage for you and your family.

If you’re passionate about the future of computing and a more democratized internet, we want to talk to you.


GDPR for Job Applicants and Candidates

When you apply to a job on this site, the personal data contained in your application will be collected by Protocol Labs, Inc. (“Protocol Labs”), which is located at 427 N Tatnall St #51207, Wilmington, Delaware 19801 and can be contacted by emailing legalrequests[at]  Protocol Labs’ data protection team can be contacted via legalrequests[at]  Your personal data will be processed for the purposes of managing Protocol Labs’ recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by Protocol Labs, which are the solicitation, evaluation, and selection of applicants for employment.

Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Protocol Labs to help manage its recruitment and hiring process on Protocol Labs’ behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards.

Your personal data will be retained by Protocol Labs as long as Protocol Labs determines it is necessary to evaluate your application for employment or to assist in the hiring process. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have the right to data portability. In addition, you may lodge a complaint with an EU supervisory authority.