Senior Security Engineer / Digital Asset / Cryptography

Location: Southlake- Austin is a backup

On-site 4 days per week

Duration: 12 months

Description:

We are hiring a Senior Security Engineer, Digital Asset Custody to serve as the technical authority for Crypto Custody engineering, with deep ownership of key management, custody security architecture, and risk posture across client's digital asset platforms.

This is a handson, highimpact individual contributor role.. The Lead Engineer sets technical direction, defines custody architecture, and owns critical design decisions across HSMs, MPC, key storage, policy enforcement, disaster recovery, and incident response.

This role requires strong engineering judgment in highrisk, hightrust environments, and the ability to operate with autonomy while influencing teams, architects, security, and leadership.

What This Engineer Will Do:

Custody Key Management & Cryptographic Architecture:

• Design, implement, and evolve institutionalgrade key management architectures, including:
• Hardware Security Modules (HSMs)
• MultiParty Computation (MPC)
• Secure key generation, storage, rotation, signing, and recovery
• Define clear tradeoffs and architectural patterns across hot wallet, warm wallet, and cold storage models.
• Ensure cryptographic designs align with regulatory, security, and audit expectations.
• Partner closely with Cybersecurity and Risk to embed defenseindepth and zerotrust principles into custody design.

Custody Policy Engine & Governance:

• Lead the design of the Custody Policy Engine, governing:
• Authorization, approvals, limits, and segregation of duties
• Transaction controls and exception handling
• Policy versioning, auditability, and enforceability
• Ensure policies are codedriven, deterministic, observable, and testable.
• Translate business, legal, and risk requirements into clear, enforceable technical controls.
• Serve as a trusted technical advisor on custody governance topics.

Disaster Recovery, Resilience & Incident Ownership:

• Own custodyspecific disaster recovery strategies, including key recovery, quorum loss scenarios, and chain events.
• Author and maintain incident response and recovery runbooks for custodyrelated failures or security events.
• Partner with Operations, Security, and SRE to ensure practicable, tested recovery procedures.
• Lead postincident technical analysis, root cause reviews, and longterm remediation strategies.

Overall Custody Architecture & Risk Posture:

• Act as the custody architecture authority, ensuring consistency across wallets, blockchains, environments, and platforms.
• Identify architectural and operational risks early; propose mitigation strategies with clear tradeoffs.
• Ensure custody designs scale across assets, chains, and future tokenized products.
• Influence enterprise standards by raising the bar on security, resilience, and technical rigor.

AIAugmented Engineering Excellence:

• Leverage GenAI and agentic AI tools to accelerate architecture design, threat modeling, documentation, testing, and reviews.
• Set expectations for AIassisted engineering rigor speed with correctness, not shortcuts.
• Partner with engineering teams to raise architecture, code, and documentation quality across custody components.

What you have:

Required Qualifications:

• 10+ years of software engineering experience, with deep specialization in securitysensitive or cryptographic systems.
• Strong handson experience with HSMs, MPC frameworks, and secure key management systems.
• Experience with Web3 Security tooling such as Slither, Mythril, Foundry Fuzzing
• Experience with common cryptography implementation languages such as C, C++, Rust, Go
• Experience with collaborating with security auditors, Ex: Trail of bits, halborn,
• Proven ability to design systems where failure has material risk implications.
• Strong grounding in distributed systems, secure architectures, and faulttolerant design.
• Track record of acting as a technical authority without formal people management.

Strongly Preferred:

• Experience with crypto custody, digital asset platforms, or blockchain infrastructure.
• Prior ownership of incident response, DR design, or security runbooks.
• Ability to articulate riskbased tradeoffs clearly to technical and nontechnical stakeholders.
• Systems thinker who connects technology, security, policy, and operations.
• Comfortable challenging assumptions and raising concerns early in highstakes environments.
• Experience applying AI tools to complex engineering workflows.

What Success Looks Like:

• Custody key management and policy systems are secure, resilient, auditable, and trusted.
• Failure modes are well understood, modeled, and operationally prepared for.
• Incidents are handled with clarity, speed, and technical confidence.
• Custody architecture scales across assets, chains, and tokenized products without erosion of risk posture.
• This role is viewed as the technical backbone of Schwab s digitalasset custody strategy.