About the company
Copper is a digital asset technology company dedicated to helping institutional investors safely acquire, trade, and store crypto assets. Built and led by Dmitry Tokarev, a software and financial engineering specialist, the firm provides a comprehensive suite of custody, trading and settlement solutions that reduce counterparty risk and bring greater capital and operational efficiency to digital asset markets. At the heart of Copper's offering is Multi-Party Computation (MPC) technology – the gold standard in secure custody. Copper’s multi-award winning custody system is unique in that it can be connected to centralised exchanges, DeFi applications and even staking pools without the assets leaving the custody. Built on top of this state-of-the-art custody, ClearLoop™ is the first solution in the market that overcomes a growing industry challenge; counterparty risk with exchanges. This solution underpins a full prime services offering, connecting global exchanges and enabling customers to trade and settle directly from the safety of their MPC-secured wallets. By reducing settlement time for transfers to a few milliseconds (without blockchain network dependency) and offering enhanced security measures, ClearLoop™ is rapidly reshaping the way asset managers trade and manage capital. In addition to industry-leading security certifications, Copper has one of the strongest insurance coverages in the industry from an A+ rated insurer, positioning the firm as the partner of choice for institutions seeking to safeguard their assets.
Job Summary
Essential
📍Microsoft Entra ID / Identity Governance: Proficient in managing corporate identity solutions, including integrations with third-party applications to ensure secure access to resources. Skilled in configuring and reporting across Identity Governance and entitlement management within a Microsoft and AWS environment. 📍AWS Security: Skilled in leveraging AWS security services to fortify cloud infrastructure. This encompasses deploying GuardDuty and AWS Security Hub for continuous security monitoring and threat detection, managing AWS Identity and Access Management to ensure robust access controls, and utilising Route 53 and Key Management Service for enhanced security and encryption. 📍Microsoft 365 and Azure Security: Demonstrated expertise in securing corporate environments using Microsoft 365 and Azure Security tools. This includes effectively managing Azure Active Directory, implementing robust identity governance frameworks, and deploying Azure Sentinel for advanced threat protection. Proficiency in utilising Microsoft 365 Defender and Microsoft Purview to safeguard cloud applications, alongside a proven record of accomplishment in enhancing security posture through Azure Information Protection and Intune. 📍Scripting and Automation: Demonstrated ability in using scripting languages like PowerShell, Bash, and Python to automate security tasks, streamline processes, and enhance system efficiencies. 📍System and Application Hardening: Skilled in the assessment and hardening of operating systems and SaaS applications, adhering to CIS and STIG standards. This includes a comprehensive understanding of the best practices in system security and the application of these practices to ensure robust defence against cyber threats. 📍Network Perimeter Security - Experience in securing, configuring, and managing outbound and inbound network traffic using tools for filtering and securing web traffic, network security devices that control traffic, virtualised network environments and Web Application Firewalls (WAF).
Desirable
📍Secure Web Gateway Management: Experience in configuring and managing Secure Web Gateways, such as Zscaler, iBoss, and Netskope, to protect against web-based threats and enforce company security policies. 📍Compliance & Standards: Familiarity with Enterprise Risk Management (ERM) programmes and compliance with standards like IS27001, SOC2, and NIST (National Institute of Standards and Technology) CSF (Cybersecurity Framework). 📍Regulatory and Compliance Awareness: Awareness of the global regulatory landscape as it pertains to cryptocurrencies and digital assets