| Job Title: General Security Lead Cramium Labs ( www.cramiumlabs.com) is a division of CrossBar, Inc. ( www.crossbar-inc.com) designing microcontrollers based on ARM M-series and Risc-V CPUs with peripherals including advance security accelerators and countermeasures. We are seeking a General Security Lead to join our Crypto/Blockchain Team and contribute to define, lead, and enforce the end-to-end security strategy across our product ecosystem – spanning secure ICs (MCUs, Ses), cryptographic hardware wallets, and muti-party computation (MPC) systems deployed across mobile, cloud, and hardware environments. About the Role This role is both strategic and hands-on, ensuring that our technologies and infrastructure meet the highest standards of trust, integrity, and compliance. The ideal candidate combines deep technical expertise with leadership skills to align security initiatives with business and product goals. Key Responsibilities 1. Product & System Security Leadership - Own and unify the overall security architecture across product lines — secure MCUs, secure elements, crypto wallets, and MPC systems (including mobile, cloud, and hardware components).
- Conduct comprehensive risk assessments and maintain threat models for all product domains.
- Define and enforce security baselines and development standards across engineering teams.
- Collaborate with product, cryptography, and software groups to ensure robust cryptographic key lifecycle management (generation, provisioning, attestation, and revocation).
- Champion secure design principles, including secure boot chains, firmware signing, tamper resistance, and SE provisioning.
- Establish and oversee supply-chain verification frameworks ensuring component authenticity, provenance tracking, and manufacturing audits.
2. Corporate PKI, Trust Infrastructure & IAM - Design and implement the company’s corporate Public Key Infrastructure (PKI) to support hierarchical trust across corporate, product, and manufacturing domains.
- Define certificate policies, oversee HSM operations, and manage key ceremonies for root and intermediate authorities.
- Integrate PKI services across IAM, device provisioning, and supply-chain workflows.
- Oversee enterprise IAM systems (e.g., Okta, Azure AD), ensuring alignment with internal PKI and enforcing least-privilege and MFA principles.
- Establish governance and continuous monitoring for identity, credential, and access management.
3. Compliance, Governance & Risk Management - Lead the company’s security compliance roadmap toward SOC 2, FIPS 140-3, ISO 27001, Common Criteria, and other relevant certifications.
- Define and maintain company-wide security policies, risk registers, and audit trails.
- Serve as the principal security authority to executive leadership, reporting regularly on risk posture, incident trends, and mitigation plans.
- Engage external auditors and certification partners to maintain continuous adherence to industry standards.
- Promote a culture of security awareness and cross-functional accountability.
Qualifications Required - 8+ years of experience in information security, product security, or cryptographic system design.
- Hands-on experience with HSMs, PKI, and cryptographic protocols.
- Deep understanding of IAM systems (Okta, Azure AD, or similar).
- Proven exposure to SOC 2, FIPS 140-3, ISO 27001, or Common Criteria processes.
- Familiarity with hardware supply-chain security, device attestation, and manufacturing trust flows.
- Strong cross-functional leadership, communication, and stakeholder-management skills.
- Advanced degree in Computer Science, Electrical Engineering, Cybersecurity, or a related field.
Preferred - Experience in wallet security, MPC protocols, or secure enclave design.
- Prior leadership of compliance or certification initiatives.
- Demonstrated ability to build and mentor security teams across multiple domains.
Benefits for US Employees We offer medical, dental, vision, life, AD&D, STD, and LTD insurance programs, 401K Plan, and Paid Time Off. Interested candidates, please turn in your resume with your compensation expectations when applying. Crossbar is an Equal Employment Opportunity Employer.
|
