**Exodus** is responsible for storing the digital assets of many around the world. As part of our mission is to empower people to control their wealth - we have a duty to help our customers stay secure.
Your role as the Chief Information Security Officer will be to develop standards, initiatives, and teams to protect Exodus, its assets, and customers from all potential cyber-attacks. This is one of the most important roles within the company.
Your first initiative will be to asses the current state of security within the organization and then develop a comprehensive 6-month plan for improvement. Your plan will require you to build a team of security professionals including: pentesters, code auditors, infosec experts, and other professionals to aid in your mission to protect the customers of Exodus.
We also believe that in this ecosystem, the only way to truly build a successful product is to build trust with customers. This will require you to have some availability for customer service via Slack and email support. This shouldn't scare you, as it's an opportunity to learn what's wrong with the product and potentially develop more insight into vulnerabilities.
**What You Will Do:**
- Analyze how Exodus employees interact and login to Exodus services. Implement security policies and procedures for all Exodus employees and contractors to adhere to.
- Oversee and coordinate security efforts across the company, including IT/devops, engineers, communications, legal, and other groups.
- Oversee a network of vendors who provide security services to Exodus.
- Initiate, facilitate, and promote activities to create a culture of cyber-security and to foster infosec awareness within the organization.
- Evaluate security trends, evolving threats, risks and vulnerabilities and apply tools to mitigate risk as necessary.
- Take inventory of all of Exodus databases and services and identify attack vectors.
- Conduct interviews with the engineering team to learn and understand the architecture of Exodus.
- Develop a 6-month comprehensive plan for improvement deliverable to the executive team.
- Build a team of professionals to regularly conduct penetration testing of Exodus servers and code reviewers to ensure Exodus is shipping secure code.
**Who You Are:**
- You have excellent references and a history of trust and established relationships in former careers.
- You have a passion for cryptocurrencies, demonstrated passion for infosec, and see your purpose to help customer secure their wealth.
- You have a solid understanding of cryptography including public-key cryptography and symmetric cryptography.
- You understand how decentralized consensus systems work.
- You're familiar with Bitcoin scripts and Ethereum smart contracts.
- You're knowledgeable on how remote exploits and buffer overflow exploits work and may have even done research in this area.
- Penetration testing, injection attacks, XSS is something you understand as second nature.
- You're familiar with C/C++ and at least one scripting language and are not afraid to get your hands dirty writing some code from time-to-time. Bonus points for deeply understanding Node.js.
- You must be a United States citizen residing in the contiguous region.
- You're a unicorn.