Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead security for digital assets and blockchain, ensuring compliance and robust controls.
- Company: Join a forward-thinking company at the forefront of Web3 and blockchain technology.
- Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
- Why this job: Make a significant impact in securing the future of digital assets and blockchain.
- Qualifications: 8+ years in security assurance with expertise in cloud security and compliance.
- Other info: Dynamic role with a chance to shape the security landscape in an innovative environment.
The predicted salary is between 36000 - 60000 £ per year.
We are seeking an experienced Head of Custody Security to lead our efforts in ensuring robust security for digital asset custody and blockchain infrastructure. This role will focus on designing and implementing security controls, supporting client assurance, and ensuring compliance with regulatory standards. The ideal candidate is a strategic thinker with deep expertise in security assurance, audit, and cloud security, and a passion for advancing Web3 and blockchain technologies.
Key Responsibilities
- Design, conduct, and implement testing of security controls for identity management, key management, and infrastructure (network and cloud) configurations.
- Support client assurance by preparing responses to Requests for Proposals (RFPs), Requests for Information (RFIs), and Due Diligence Questionnaires (DDQs).
- Analyze trends in client inquiries and provide actionable feedback to internal teams to enhance documentation and control readiness.
- Perform security due diligence and ongoing monitoring of Web3/blockchain vendors, including assessing control maturity, reviewing SOC reports, and identifying residual risks.
- Facilitate external audit activities, coordinating walkthroughs, evidence collection, and response tracking.
- Identify and analyze gaps in current and new processes, developing and tracking remediation recommendations to completion (e.g., onboarding workflows).
- Maintain a deep understanding of applicable financial regulatory security requirements and ensure alignment of controls.
- Research and share information security best practices, emerging threats, and mitigation strategies with internal teams.
- Evaluate and propose next-generation security tools, automation, and technologies to strengthen the overall security posture.
- Review blockchain network or protocol upgrades to assess their potential security impact on the platform.
Requirements
- Minimum of 8 years of experience in security assurance, audit, compliance, or cloud security engineering.
- Proven expertise in testing and validating security controls across Identity and Access Management (IAM), key management, and network/cloud environments.
- Strong understanding of IAM principles and their application in secure systems.
- In-depth knowledge of cryptographic key management, Hardware Security Modules (HSMs), and Key Management Systems (KMS).
- Solid understanding of cloud and network security architecture and configurations.
- Demonstrated experience supporting external audits and assessments, such as SOC 1, SOC 2, ISO 27001, or PCI DSS.
- Hands-on experience with major cloud platforms (AWS, GCP, Azure) and infrastructure-as-code practices.
- Proficiency in preparing client assurance materials, including RFP/RFI/DDQ responses and evidence documentation.
Head of Information Security employer: MCG Talent
Contact Detail:
MCG Talent Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Information Security
✨Tip Number 1
Network like a pro! Attend industry events, webinars, and meetups to connect with others in the security field. We can’t stress enough how important it is to build relationships; you never know who might have the inside scoop on job openings.
✨Tip Number 2
Show off your expertise! Create a personal website or blog where you can share insights on security trends, best practices, and your thoughts on blockchain technologies. This not only showcases your knowledge but also makes you stand out to potential employers.
✨Tip Number 3
Prepare for interviews by brushing up on common security scenarios and case studies. We recommend practising your responses to technical questions and situational challenges that relate to the role of Head of Information Security. Confidence is key!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search. Let’s get you that dream role!
We think you need these skills to ace Head of Information Security
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Head of Information Security role. Highlight your experience in security assurance, audit, and cloud security, and show us how your skills align with our needs.
Showcase Your Expertise: Don’t hold back on sharing your deep expertise in security controls and compliance. Use specific examples from your past roles to demonstrate how you've successfully implemented security measures and supported audits.
Be Clear and Concise: When writing your application, keep it clear and to the point. We appreciate straightforward communication, so avoid jargon unless it's necessary to showcase your knowledge in blockchain and security.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for this exciting opportunity in our team!
How to prepare for a job interview at MCG Talent
✨Know Your Security Stuff
Make sure you brush up on your knowledge of security controls, especially around identity management and cloud security. Be ready to discuss specific examples from your past experience where you've designed or implemented these controls.
✨Prepare for Client Assurance Questions
Since this role involves preparing responses to RFPs and RFIs, practice articulating how you've successfully supported client assurance in previous roles. Have a few examples ready that showcase your ability to communicate complex security concepts clearly.
✨Stay Updated on Regulatory Standards
Familiarise yourself with the latest financial regulatory security requirements. Be prepared to discuss how you've ensured compliance in your previous positions and how you would approach it in this new role.
✨Show Your Passion for Web3 and Blockchain
This role is all about advancing blockchain technologies, so make sure to express your enthusiasm for the field. Share any relevant projects or research you've done that highlights your commitment to staying ahead of emerging threats and best practices.