Security Architect

Blockstream was founded in 2014 by Dr. Adam Back and a group of fellow cryptographers and engineers who are passionate about Bitcoin and its potential to change the world. Today, Blockstream is the leading Bitcoin company, providing cutting-edge infrastructure solutions for enterprises, institutions, and individual Bitcoin users. We develop industry-leading Bitcoin self-custody solutions, Bitcoin-based financial products, second-layer scaling technologies, and enterprise-grade blockchain infrastructure.

We’re looking for an experienced Security Architect to design, implement, and oversee secure systems and applications across Blockstream’s enterprise products and infrastructure.

The ideal candidate is a full-stack engineer with a strong backend focus, deep understanding of secure application design, and prior experience building or securing platforms in fintech, banking, or blockchain. You’ll partner closely with product, DevOps, and engineering teams to ensure Blockstream’s systems and data are protected from evolving threats — without compromising innovation or performance.

What You’ll Be Doing (Responsibilities):

• Define and drive security architecture across applications, services, and infrastructure.

• Partner with engineering teams to design and implement secure software systems, focusing on backend and data security.

• Conduct threat modeling, risk assessments, and security reviews for new and existing products.

• Develop and enforce secure coding practices, frameworks, and review processes.

• Collaborate with DevOps on cloud and container security, CI/CD hardening, and access controls.

• Evaluate and integrate security tools for code scanning, vulnerability management, and incident response.

• Guide and mentor engineers on best practices for secure application development.

• Stay ahead of emerging security trends, compliance standards, and attack vectors — particularly in fintech and blockchain domains.

What We Look For in You (Required Qualifications):

• 10+ years of experience in software engineering or security architecture roles.

• Strong full-stack background with deep backend security expertise (Python, Go, C/C++, Rust, or similar languages).

• Demonstrated experience designing and securing systems for enterprise fintech, banking, or blockchain environments.

• Knowledge of cryptography, authentication, and key management.

• Hands-on experience with cloud security (AWS, GCP, or similar).

• Familiarity with threat modeling, secure SDLC, and modern application security frameworks (OWASP, NIST, ISO 27001).

• Excellent communication skills — able to clearly articulate risks and solutions to both technical and non-technical stakeholders.

Nice To Haves (Preferred Qualifications):

• Experience with Bitcoin, Lightning, or blockchain protocols.

• Contributions to open-source security tools or projects.

• Security certifications (CISSP, OSCP, CEH, or equivalent) are a plus but not required.

🔒 Stay Safe from Job Scams
All official Blockstream communication will come from an @blockstream.com email address. We will never ask you to share sensitive information or purchase equipment during the hiring process. If in doubt, contact us at hr@blockstream.com. Learn more about avoiding job scams here.