A quick run-down of the job

We're looking for a Lead Security Architect to own and elevate security across the entire company. This is a hands-on, senior leadership role responsible for defining our security strategy, strengthening security practices, and driving solutions across our infrastructure, applications, and internal systems.

This role is responsible for security across the company, with a particular focus on application security, compliance, and emerging Web3 and AI-related security risks. You'll set the direction for how our teams build securely, strengthen the security posture of our products, identify vulnerabilities, and introduce scalable security processes and tooling.

We're looking for someone who can quickly understand our systems, identify risks, and drive action - not just produce reports. You'll also coordinate external audits and build security awareness across the company. You'll work closely with engineering, AI, automation, and operations teams, and collaborate with our existing security architect to strengthen security practices across the company.

Location

Remote within EMEA

Applications from outside this region will not be considered

What you’ll do

Own and strengthen company-wide security and compliance

• Lead security efforts across infrastructure, applications, internal systems, and employee devices

  Identify risks and vulnerabilities across the organisation and ensure they are addressed

  Establish scalable security processes and best practices across teams

  Own the organisation's compliance posture - define target frameworks, drive progress against them, and ensure requirements are reflected in day-to-day operations
  

Coordinate audits and external security work

• Own relationships with external security firms and auditors

  Lead the organisation through compliance framework certifications end-to-end

  Plan and run security reviews and external audits, ensuring findings are tracked and resolved

  Act as the internal authority on external security requirements and regulatory expectations
  

Build security awareness across the company

• Define and own the company's security awareness and training programme

  Set standards for access management, device security, and operational security hygiene
  

Drive application security

• Define and own the Secure Software Development Lifecycle (Secure SDLC) across the engineering organisation

  Work closely with engineering teams to ensure secure design and implementation of products — getting into the detail where needed

  Personally review tools, frameworks, and architectures for security risks and ensure findings drive action

  Set the standard for how developers integrate security practices into the development lifecycle
  

Own Web3 security

• Bring a solid understanding of Web3-specific security risks — smart contract vulnerabilities, protocol exploits, wallet and key management, and on-chain threat vectors

  Apply experience from working in a Web3 environment to identify risks relevant to our infrastructure and products

  Work directly with engineering teams to ensure Web3 security considerations are embedded in how we build and ship

  Stay current on the evolving Web3 threat landscape and ensure the organisation is positioned ahead of emerging risks
  

Own AI Security

• Identify and mitigate security risks related to AI-driven tooling, agents, and automation

  Stay ahead of emerging threats introduced by AI integration across our stack
  

Implement security tooling and automation

• Own the security tooling strategy — defining requirements, evaluating solutions, and driving implementation

  Establish monitoring standards, incident response processes, and security workflows

  Ensure security is consistently embedded in engineering pipelines and tooling
  

  What makes a Good Candidate
  
  

  We're looking for someone who combines strategic thinking, strong judgment, and the technical credibility to lead across engineering and leadership
  

  Experience

  • Proven experience owning or leading a security function — not just executing within one

    Background in security engineering or architecture — you understand how systems are built and where they break

    Experience building or maturing security programmes in fast-moving engineering organisations

    Experience in a Web3 or payments fintech environment
    

  Governance, Risk and Compliance (GRC)

  • Solid knowledge of key compliance frameworks including SOC 2, ISO 27001, DORA, MiCA, the EU AI Act, NIS2, and related standards

    Experience guiding organisations through certification and audit processes end-to-end — not just familiarity with the frameworks, but having done the work

    Able to translate regulatory and compliance requirements into practical internal programmes and controls

    Comfortable owning the GRC function and reporting on compliance posture to leadership
    

  Technical knowledge

  • Strong understanding of modern application security practices

    Experience with security reviews, threat modelling, and vulnerability management

    Familiarity with cloud infrastructure security and developer tooling

    Understanding of AI security risks and emerging attack vectors is a strong plus

    Experience managing or mentoring security teams is a plus
    

  Mindset

  • Strategic thinker who can translate risk into priorities and communicate them clearly to leadership

    Comfortable operating with autonomy in a fast-moving, ambiguous environment

    Able to influence without authority across engineering and leadership

    Proactive by default - you identify problems before they're escalated to you

    Comfortable getting into the detail when the situation calls for it

    Company culture

    • Embracing the differences

      Embrace your own differences

      Respect and welcome the unique qualities of others

      See others’ differences as an opportunity to grow

      Own it, do it

      Own tasks end-to-end

      Hold yourself to a high bar for execution

      Make bold decisions, and be accountable

      Understand your limitations and seek for help

      Fail forward

      Try - don’t be afraid to fail

      Learn - don’t make the same mistake twice

      Adapt - grow with the experience

      Have fun together

      Take the time to get to know and understand each other better

      Don’t take yourself too seriously and keep it light-hearted

      Fun should be coming from a place of love and respect

      What you’ll get

      • Annual team offsites (Thailand in 2023 and Vietnam in 2024 were a blast, Marrakech in March 2025 was blast-ier; let’s see what happens in 2026!)

        30 days of PTO

        Flexible remote days

        Flexible working hours

        Equity participation from day 1

        Entitlement to work computer (choice of equipment)

        An annual 1,000€ personal development budget once you have worked 6+ months (pro-rated the first year)

        A one-time 1,000€ remote budget to use on coworking, office setup, etc.

        If you join us as an independent contractor, you’re only entitled to the first five benefits of this list.

        This role is engaged via employer of record (EOR) or independent contractor arrangement.

        Application process

        Setting yourself up for success starts with the application! Click here to discover valuable tips that will help you navigate our application process effectively.

        LI.FI is an equal opportunity employer. We encourage individuals of all backgrounds to apply. Join us in our dedication to fostering a workplace that values and respects each team member's unique contributions.

        Shortlisted candidates will undergo a comprehensive interview process, including a people operations interview, a take-home assignment, a meet-the-team & founder interview, and a reference check.

        For more information, visit our page detailing our hiring process!