jobsswitzerland.ch
← All jobs

Senior Product Security Engineer / Architect 100 %

Taurus SA

Employment type
Full-time
Location
Lausanne
Company
Taurus SA, Place Ruth-BÖSIGER 6, 1201 Genève
First posted
Apply now
Link: https://join.com/companies/taurusgroup/16394548-senior-product-security-engineer-architect-lausanne Do you want to be part of a new entrepreneurial adventure and contribute to building the next global FinTech? We may have the position you need. Missions: A role of deeply operational individual contributor, where you will raise the level of security of the product itself. You are the security partner that engineers want to have in the room: someone able to open a diff, understand the attack surface, build the automation that imposes the fix, and deliver it on the same day. A large part of this surface being cryptographic (keys, signature, HSM, and the trust boundary surrounding them), this is where you will have the most impact. Responsibilities Ensure product security for all digital asset products concerned: Taurus-PROTECT, Taurus-CAPITAL, Taurus-EXPLORER, and Taurus-NETWORK. Contribute to the product security of financial services. Contribute to the security architecture for HSM, confidential computing, MPC, and cryptographic systems Perform security reviews of application code, cryptographic workflows, smart contracts, HSM integrations, and enclave-based components Model threats of new features and review architectural designs before their production deployment Lead and supervise intrusion tests, reproduce results, and validate remediation plans Build and maintain automation that imposes security safeguards — on CI/CD pipelines, software supply chains, Kubernetes environments, and deployment platforms Collaborate with product engineering teams to design and deliver fixes, not just report findings Review authorization models, privilege management, identity integrations, and operational access controls Support incident response, vulnerability management, and security investigations Support client audits, RFPs, security workshops, and regulatory discussions Translate regulatory and compliance requirements into concrete technical controls Ensure monitoring of security news and trends; identify their potential impact on products and ensure the rapid application of corrective measures Profile: Master's or Doctoral degree in Computer Science, IT Security Engineering, or Cryptography Minimum 7 years of experience in application security, product security, offensive security, or security engineering Experience in security-critical environments — financial services, payments, identity, asset custody, embedded systems, or regulated platforms Fluent English, both written and spoken Key Requirements Application and Product Security: Solid experience in security code review in at least two of the following languages: Go, C/C++, TypeScript, Python Threat modeling, secure design reviews, and penetration testing Ability to identify business logic flaws, authorization issues, cryptographic misuse, and complex attack paths Cryptography and Key Management: Solid foundation in applied cryptography: PKI, TLS, X.509; AES, RSA, ECDSA, EdDSA; key management and key ceremonies; secure key storage and signing workflows Experience with HSM technologies and PKCS#11 environments Infrastructure and Cloud Security: Solid experience in Kubernetes and container security Familiarity with cloud IAM, workload identity, secret management, and policy-as-code A builder mindset — you implement security controls, not just review them Secure Hardware and Confidential Computing: Experience with one or more of the following: Thales / Luna HSM, AWS CloudHSM, Azure Managed HSM, Intel SGX, AMD SEV-SNP, AWS Nitro Enclaves, Azure Confidential Computing Interpersonal and Communication Skills: Comfortable exchanging with security teams, auditors, regulators, enterprise clients, and CISO prospects Able to explain complex security topics in a clear and pragmatic manner A significant plus Blockchain and smart contract security MPC and threshold signature systems Fuzzing and software security testing Compliance and regulatory security frameworks (FINMA, DORA, MiCA, ISO 27001, SOC 2, FIPS 140-3) Public security research, CVE, bug bounty experience, or open-source security contributions Experience in supporting RFPs, security questionnaires, and client due diligence Degree in Computer Science, Security, or equivalent practical experience Benefits An opportunity to work at the intersection of digital assets and finance A qualified and experienced team, including world-renowned experts A dynamic learning environment, entrepreneurial spirit, and strong team spirit An ideal time to join the company as it grows and develops State-of-the-art technology and IT infrastructure Hybrid remote work and flexible hours Convivial team events As the company evolves in a dynamic and innovative environment, its DNA is based on merit. Therefore, significant growth opportunities will be offered to candidates with an open and results-oriented mindset. We are an equal opportunities employer.

Automatically translated from the original.

Posted today

Location

View on Google Maps