Jobs · Information Technology · Texas

Senior Security Engineer, Digital Asset Custody

Charles Schwab · Austin, TX · 2 wk ago
HybridInformation TechnologyFull-time

Custody Key Management & Cryptographic Architecture

  • Design, implement, and evolve institutional-grade key management architectures, including:
    • Hardware Security Modules (HSMs)
    • Multi-Party Computation (MPC)
    • Secure key generation, storage, rotation, signing, and recovery
    • Define clear trade-offs and architectural patterns across hot wallet, warm wallet, and cold storage models.
    • Ensure cryptographic designs align with regulatory, security, and audit expectations.
    • Partner closely with Cybersecurity and Risk to embed defense-in-depth and zero-trust principles into custody design.

Custody Policy Engine & Governance

  • Lead the design of the Custody Policy Engine, governing:
    • Authorization, approvals, limits, and segregation of duties
    • Transaction controls and exception handling
    • Policy versioning, auditability, and enforceability
    • Translate business, legal, and risk requirements into clear, enforceable technical controls.
    • Serve as a trusted technical advisor on custody governance topics.

Disaster Recovery, Resilience & Incident Ownership

  • Own custody-specific disaster recovery strategies, including key recovery, quorum loss scenarios, and chain events.
  • Author and maintain incident response and recovery runbooks for custody-related failures or security events.
  • Partner with Operations, Security, and SRE to ensure practicable, tested recovery procedures.
  • Lead post-incident technical analysis, root cause reviews, and long-term remediation strategies.

Overall Custody Architecture & Risk Posture

  • Act as the custody architecture authority, ensuring consistency across wallets, blockchains, environments, and platforms.
    • Identify architectural and operational risks early; propose mitigation strategies with clear trade-offs.
    • Ensure custody designs scale across assets, chains, and tokenized products without erosion of risk posture.
    • Influence enterprise standards by raising the bar on security, resilience, and technical rigor.

AI-Augmented Engineering Excellence

  • Leverage GenAI and agentic AI tools to accelerate architecture design, threat modeling, documentation, testing, and reviews.
    • Set expectations for AI-assisted engineering rigor—speed with correctness, not shortcuts.
    • Partner with engineering teams to raise architecture, code, and documentation quality across custody components.

Required Qualifications

  • 10+ years of software engineering experience, with deep specialization in security-sensitive or cryptographic systems.
  • Strong hands-on experience with HSMs, MPC frameworks, and secure key management systems.
  • Experience with Web3 Security tooling such as Slither, Mythril, Foundry Fuzzing
  • Experience with common cryptography implementation languages such as C, C++, Rust, Go
  • Experience with collaborating with security auditors, Ex: Trail of bits, halborn,
  • Proven ability to design systems where failure has material risk implications.
  • Strong grounding in distributed systems, secure architectures, and fault-tolerant design.
  • Track record of acting as a technical authority without formal people management.

Strongly Preferred

  • Experience with crypto custody, digital asset platforms, or blockchain infrastructure.
  • Prior ownership of incident response, DR design, or security runbooks.
  • Able to articulate risk-based trade-offs clearly to technical and non-technical stakeholders.
  • Systems thinker who connects technology, security, policy, and operations.
  • Comfortable challenging assumptions and raising concerns early in high-stakes environments.
  • Experience applying AI tools to complex engineering workflows.

Similar jobs