Quidax is an African focused cryptocurrency exchange. We enable customers to buy/sell Bitcoin and other cryptocurrencies (Ethereum, USDT and Litecoin) with Naira.
Our vision, which is at the core of what we do every day at Quidax, is to build a world where sending money and value around the globe is as easy as sending a text message. We value positive energy, and clear communication and are committed to building an inclusive environment for people from every background.
About the Role
- We’re looking for an Infrastructure Security Engineer who can build and maintain a strong security posture in a fast-moving, high-stakes financial environment, without slowing the business down.
- This role sits at the heart of our security infrastructure, protecting our cloud, networks, endpoints, databases, code repositories, data stores and critical systems.
- You’ll be designing, re-designing, fixing and continuously improving how we secure Quidax at scale.
- If you’re the kind of person who is very meticulous, process oriented, logical and has a passion for cybersecurity technologies — you’ll fit right in.
What You’ll Be Owning
Security Solutions Configuration, Review & Optimization:
- Within 30 days, the Infrastructure Security Engineer should be able to carry out configuration of various security solutions including network firewalls, Endpoint Detection & Response Solutions, Web Application Firewalls, Cloud Native Application Protection Platforms, Security Incident and Event Management, Security Orchestration Automation and Response Solutions, Identity Provider Solutions and Threat Management Solutions among others.
- Within 90 days, the Infrastructure Security Engineer should be able to carry out reviews & optimizations on various security solutions in compliance with the established policies.
- Within 180 days, the Infrastructure Security Engineer should review current security baselines & ensure alignment of all security and technology solutions with the security baselines across all environments (cloud, endpoints, network).
Audits & Compliance Reviews:
- Within 90 days, the Infrastructure Security Engineer should have adequate understanding of our existing infrastructure security systems and technical controls (how they work, effectiveness & gaps if any) to be able to provide insights during audits & compliance reviews.
- Within 180 days, the Infrastructure Security Engineer should be able to assume roles within our Information Systems Management framework.
- Within 180 days, the Infrastructure Security Engineer should be able to work with Governance Risk & Compliance to close audit findings quickly and effectively.
Access Control Management & Optimization:
- Within 30 days, the Infrastructure Security Engineer should have an understanding of our Access Control Policies, Processes & Technologies.
- Within 30 days, the Infrastructure Security Engineer should be able to take ownership of Access provisioning, decommissioning & access management optimization.
- Within 90 days, the Infrastructure Security Engineer should have conducted a review of the current access management system, identified gaps and propose recommendations.
Vulnerability Management:
- Within 60 days, establish a consistent vulnerability management process across infrastructure and endpoints
- Within 90 days, ensure all critical & high vulnerabilities have clearly defined remediation SLAs
- Within 180 days, reduce monthly recurring unremediated vulnerabilities by 40%
- Provide clear, actionable vulnerability remediation guidance to Engineering and DevOps teams.
Security Monitoring, Detection & Response:
- Within 30 days, review and be conversant with existing SIEM architecture.
- Within 90 days, identify and document all areas of improvement in our security event monitoring.
- Within 180 days, start implementing all areas of improvement to log aggregation, security event analysis and alerting.
- Within 90 days, identify new playbooks for automated incident response in the SOAR and document the recommendations
- Within 12 months, implement the playbooks for automated incident response recommendations in the SOAR
- Continuously improve detection coverage and incident response automation and orchestration across cloud, endpoints, and network layers.
Secure Cloud & Network:
- Within 30 days, review and understand services & configurations across multi-cloud platforms.
- Within 60 days, be able to administer security policies & security services across multi-cloud platforms.
- Within 60 days, partner with relevant Engineering teams to ensure security is embedded in infrastructure design and configuration from day one.
Security Operations & Automation:
- Within 30 days, review existing automations, test them out and identify areas of for optimization/improvement.
- Within 180 days, automate at least 30% of repetitive security operations tasks
- Continuously evaluate and implement new tools that improve detection, prevention, or efficiency
- Continuously improve security policies and enforcement mechanisms
Cross-Functional Security Enablement:
- Work closely with Engineering, DevOps, and Product teams to embed security into workflows
- Provide hands-on guidance during system design, deployments, and incident response.
- Promote strong security practices across the company — not just enforce them
What We’re Looking For
Must-haves:
- You’ve secured cloud-native environments in a real-world, high-scale setup
- You can go from “there’s a problem” to “here’s the fix” to “it’s deployed” without hand-holding
- Strong hands-on experience with SIEM, EDR, firewalls, WAFs, vulnerability management tools, Networking concepts (routing, NAT, segmentation, access control), Cloud security (IAM, logging, monitoring, secure configs)
- You can break down complex systems into their simple parts and understand how they are built, how they break and what it takes to fix them.
- You’re proactive and detail-oriented
- You can collaborate with engineers and influence decisions without being the “security police”
- You enjoy Cybersecurity and have a passion for learning about new Technologies.
- You are committed to continuous development and search out the latest vulnerabilities, attack vectors and security solutions.
Nice-to-Haves:
- Experience with implementing security solutions & driving secure processes in fintech, blockchain, or financial systems
- Experience writing scripts & automating workflows with technologies like Python,Ansible & Terraform.
- Experience with implementing DevSecOps processes and technologies including access control, key management, policy gates e.t.c.
- Understanding of blockchain security concepts
- Understanding of AI, it’s risks,AI security and AI security solutions
- Certifications like CCSP, CEH, CCNP, PCNSE, Security+, AWS.
Biggest Challenges You’ll Tackle
The biggest challenges you’ll have to tackle are:
- Figuring out how multiple vendor technologies have been stitched together while having to actively carry out security operation tasks in a new environment
- Balancing operational security tasks with long-term architecture improvements
- Integrating with the relevant Engineering teams to ensure security is embedded into our engineering processes.
- Driving security adoption across teams that just want to ship
- Securing a fast-growing crypto infrastructure without slowing down product delivery
- Reducing alert fatigue while improving real threat detection
- Keeping up with evolving threats in the cloud, blockchain and global security landscape.