National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Senior Security Engineer

Copper.co
Greater London
1 year ago
Create job alert

Copper is a digital asset technology company dedicated to helping institutional investors safely acquire, trade, and store crypto assets.

Built and led by Dmitry Tokarev, a software and financial engineering specialist, the firm provides a comprehensive suite of custody, trading and settlement solutions that reduce counterparty risk and bring greater capital and operational efficiency to digital asset markets. At the heart of Copper's offering is Multi-Party Computation (MPC) technology – the gold standard in secure custody. Copper’s multi-award winning custody system is unique in that it can be connected to centralised exchanges, DeFi applications and even staking pools without the assets leaving the custody.

Built on top of this state-of-the-art custody, ClearLoop is the first solution in the market that overcomes a growing industry challenge; counterparty risk with exchanges. This solution underpins a full prime services offering, connecting global exchanges and enabling customers to trade and settle directly from the safety of their MPC-secured wallets. By reducing settlement time for transfers to a few milliseconds (without blockchain network dependency) and offering enhanced security measures, ClearLoop is rapidly reshaping the way asset managers trade and manage capital.

In addition to industry-leading security certifications, Copper has one of the strongest insurance coverages in the industry from an A+ rated insurer, positioning the firm as the partner of choice for institutions seeking to safeguard their assets.

Department environment

Copper’s Information Security department keep the business’ systems and network resources secure and protect the company, employees, and client data.

The Infrastructure Security team focuses on providing objective oversight and validation of Copper’s infrastructure security controls and processes.

As a Senior Security Engineer, you will be instrumental in strengthening Copper's security infrastructure, technical controls, and assurance, in this critical and exciting role.

You will collaborate with various teams to implement and maintain robust security measures, ensuring the effectiveness of our security posture across Copper, and safeguarding our digital assets against threats.

Key Responsibilities of the role

Identity and Access Management (IAM)

Responsible for configuring and implementing Identity and Access Management solutions and supporting systems, including Entra ID (AAD), Identity Governance, and AWS Identity Centre. Manage permission settings and access controls to ensure secure and efficient user access to company resources.

Security Systems Configuration and Analysis

Ensure security systems are configured according to specified requirements and industry best practices. Analyse current security setups, recommend improvements, and assess against standards like CIS, STIG, and internal control frameworks.

Security Solution Inventory and Maintenance

Maintain an inventory of security solutions like firewalls and anti-virus software. Regularly review and recommend changes or upgrades to existing security tools.

Security Practices and Technical Advice

Consult with staff, managers, and executives to advocate best security practices. Provide technical advice on security measures and potential enhancements. Create or update policies and procedures to align with industry regulations and best practices.

Security Risk Management

Manage vulnerability scanning tools (Wiz, Defender, Armorcode) to identify and mitigate security risks across endpoints and cloud infrastructure. Conduct risk assessment activities to identify potential threats and develop plans to address vulnerabilities. Ensure security controls comply with SOC2 framework and other regulatory requirements.

Scripting and Automation

Design and implement solutions for log shipping to managed SIEM systems, such as Microsoft Sentinel. Expectation for this role is you will oversee the integration of diverse data sources, including network logs, application logs, and security feeds, to enhance the analytical capabilities of our security systems. Develop and maintain scripts for efficient operation and response within the security infrastructure, utilising a variety of high-level programming languages (notably, PowerShell and/or Python)

Your experience, skills and knowledge

Essential

Microsoft Entra ID / Identity Governance:Proficient in managing corporate identity solutions, including integrations with third-party applications to ensure secure access to resources. Skilled in configuring and reporting across Identity Governance and entitlement management within a Microsoft and AWS environment.AWS Security:Skilled in leveraging AWS security services to fortify cloud infrastructure. This encompasses deploying GuardDuty and AWS Security Hub for continuous security monitoring and threat detection, managing AWS Identity and Access Management to ensure robust access controls, and utilising Route 53 and Key Management Service for enhanced security and encryption.Microsoft 365 and Azure Security:Demonstrated expertise in securing corporate environments using Microsoft 365 and Azure Security tools. This includes effectively managing Azure Active Directory, implementing robust identity governance frameworks, and deploying Azure Sentinel for advanced threat protection. Proficiency in utilising Microsoft 365 Defender and Microsoft Purview to safeguard cloud applications, alongside a proven record of accomplishment in enhancing security posture through Azure Information Protection and Intune.Scripting and Automation: Demonstrated ability in using scripting languages like PowerShell, Bash, and Python to automate security tasks, streamline processes, and enhance system efficiencies.System and Application Hardening: Skilled in the assessment and hardening of operating systems and SaaS applications, adhering to CIS and STIG standards. This includes a comprehensive understanding of the best practices in system security and the application of these practices to ensure robust defence against cyber threats.Network Perimeter Security- Experience in securing, configuring, and managing outbound and inbound network traffic using tools for filtering and securing web traffic, network security devices that control traffic, virtualised network environments and Web Application Firewalls (WAF).

Desirable

Secure Web Gateway Management:Experience in configuring and managing Secure Web Gateways, such as Zscaler, iBoss, and Netskope, to protect against web-based threats and enforce company security policies.Compliance & Standards:Familiarity with Enterprise Risk Management (ERM) programmes and compliance with standards like IS27001, SOC2, and NIST (National Institute of Standards and Technology) CSF (Cybersecurity Framework).Regulatory and Compliance Awareness:Awareness of the global regulatory landscape as it pertains to cryptocurrencies and digital assets

The benefits offered

Holidays: 27 days per annum paid holiday, in addition to bank holidays Years of Service Days: Employees are awarded one additional day of paid time off per year of service (up to three years) Vitality Health: Medical Insurance: Copper provides all employees with individual cover. Medical history is disregarded, and a 24/7 virtual GP is available (£100 excess per person per year)Dental Insurance: Comprehensive dental cover for preventative, restorative and emergency treatmentAudiology Cover: Employees can claim back up 80% of costs, up to £300, for any hearing tests or hearing aidsOptical Cover: £500 optical cover (through Vision Express) or 80% reimbursement up to £300 for any other opticianMenopause Support: Unlimited support for those experiencing symptoms of the menopause, such as video consultations with a dedicated menopause practitionerVitality services also include an additional £100 for minor diagnostic tests and private prescriptions, including home diagnosticsHeadspace - Copper's policy provides all employees with a free Headspace subscription. Headspace provides great resources to manage stress, improve sleep, meditate and enhance mindfulnessDiscounts and free benefits - the Vitality programme has been designed for preventative care to encourage members to improve their overall health and will reward those for doing so. Employees can access additional benefits such as 50% off running shoes, discounted health screenings, 50% off at Nuffield Health or Virgin Active gyms and much more Home Working Energy Support Scheme: to combat energy prices increasing globally, Copper will provide you, in addition to your salary, with a monthly top-up of £60 or £75 (subject to your energy supplier) Pension up to 10% matched contribution to our company pension scheme via Smart Pensions Cycle to Work Life Insurance cover: Four times your base salary EAP: access unlimited mental health consultations and contact a 24/7 confidential helpline for emotional support Unmind Sponsored Learning and Development opportunities Regular company events and social activities

In return for everything you can bring to Copper, we can offer you an exciting, challenging role in a fast-growing and dynamic business, with career opportunities and welcoming working environment.

If you think you have everything we're looking for and more, then we'd love you to apply for the opportunity.

Copper is an equal opportunity employer. We embrace diversity and equal opportunities in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. So, bring us your experience, perspectives, and skills. It is in our differences that we will continue to grow and ensure Copper is transforming how institutional investors engage with digital assets. Copper is a Disability Confident Employer, please let us know if you have a disability. If you require us to provide any assistance during the recruitment process, then we would ask you to highlight this to us and we will be happy to accommodate.

Related Jobs

View all jobs

Senior Security Engineer

Senior Security Engineer

Senior Security Engineer - London - £55,000

Senior Security Engineer / Division Manager

Senior Security Engineer

Senior Security Engineer

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Cyber Security Jobs Skills Radar 2026: Emerging Frameworks, Tools & Certifications to Learn Now

Cyber threats are evolving—and so must the people defending against them. As ransomware, AI-enhanced phishing, and supply chain attacks grow more advanced, UK employers are urgently hiring cyber security professionals with the right mix of strategic and hands-on skills. Welcome to the Cyber Security Jobs Skills Radar 2026, your go-to guide for the most in-demand tools, frameworks, certifications, and technologies shaping the UK's cyber workforce. Whether you're a SOC analyst, penetration tester, or cloud security architect, this annual radar is designed to help you stay ahead of the market.

How to Find Hidden Cyber Security Jobs in the UK Using Professional Bodies like BCS, CIISec & More

The demand for skilled cyber security professionals in the UK has never been higher. With threats increasing in sophistication and frequency, organisations are urgently hiring ethical hackers, threat analysts, GRC specialists, and security architects. But many of the most valuable roles—particularly in government, defence, and critical infrastructure—are never publicly advertised. Instead, these jobs are shared behind the scenes through trusted networks, private communities, and professional bodies. In this article, we explore how to uncover hidden cyber security jobs in the UK using organisations like the BCS (The Chartered Institute for IT), CIISec (The Chartered Institute of Information Security), ISACA, and ISC² UK Chapter. We’ll show you how to use membership directories, special interest groups, CPD events and informal networks to gain early access to roles most people never see.

How to Get a Better Cyber Security Job After a Lay-Off or Redundancy

Redundancy is never easy—especially in a fast-moving field like cyber security, where your skills and experience are constantly evolving. But if you’ve recently been made redundant from a cyber security role, know this: the UK cyber workforce remains in high demand, and your expertise is more valuable than ever. Whether you’re a SOC analyst, penetration tester, incident responder, security architect or GRC specialist, there are still thousands of opportunities across sectors including finance, defence, government, retail, and critical infrastructure. This guide will help you turn redundancy into a career relaunch, with a clear action plan tailored to the UK cyber security job market.