Prometheum

• This is a senior, hands-on role with intentionally broad scope. • Cloud infrastructure, security operations, and regulatory compliance are consolidated into a single function rather than distributed across a large team. • Design and maintain secure AWS cloud infrastructure using Terraform and Terragrunt, with a focus on IAM least-privilege, account isolation, and security guardrails across multiple AWS environments. • Manage AWS network security: VPC segmentation and design, Transit Gateway architecture, PrivateLink for service isolation, Network Firewall, and Route 53 Resolver for DNS security. • Manage and maintain Cloudflare infrastructure including DNS, WAF, and edge compute. • Architect and operate Cloudflare Zero Trust — including Access policies, Tunnel configuration for private network routing, Gateway egress filtering and DNS security policies, and WARP client deployment. • Manage and tune AWS-native security tooling: GuardDuty, Security Hub, Config, Inspector, CloudTrail, and WAF. • Integrate security controls into CI/CD pipelines (GitHub Actions) — including SAST, DAST, container image scanning, dependency vulnerability checks, and secrets detection. • Enhance container and workload security through image signing, admission controllers (Kyverno), runtime policies, and base image hygiene. • Manage dependency and patch lifecycle across Docker images, Helm charts, Terraform modules, and application packages. • Own and operate security monitoring and incident response: maintain SIEM/log aggregation pipelines, tune alerting for anomalous behavior and policy violations, lead root cause analysis, and document post-mortems. • Conduct and coordinate vulnerability assessments; track findings through to remediation. • Automate compliance checks and drift detection using infrastructure scanning and policy-as-code tooling. • Participate in on-call rotation to respond to security and infrastructure incidents. • Support SEC and FINRA compliance obligations by implementing and documenting technical controls, and partner with legal and compliance teams during audits and regulatory reviews. • Document infrastructure patterns, access controls, and security architecture for audit readiness.

• Own product features end-to-end; from discovery and requirements through launch - for trading, onboarding, and custody solutions, working closely with engineering and design in a fast-moving, startup environment. • Partner with stakeholders, engineers, and designers to write clear Business Requirements (BRDs) and Product Requirements (PRDs) that translate business goals into actionable specs. • Drive the product lifecycle from ideation through launch, ensuring tight alignment between business needs and technical execution across trading, clearing, and broker-dealer onboarding workflows. • Define product features and roadmap priorities, balancing short-term delivery with long-term platform scalability. • Run Agile ceremonies and sprint planning; breaking down epics into user stories with crisp acceptance criteria that the team can ship against. • Maintain clean, traceable documentation of features, user stories, and tasks in Jira and Confluence. • Coordinate with internal teams and external partners (broker-dealers, financial institutions) to communicate requirements, manage timelines, and support testing. • Serve as a go-to resource for product questions from partners and compliance teams around trading, settlement, and custody operations. • Create and maintain product documentation, user guides, and release notes for platform updates and onboarding flows. • Track product metrics and use data to assess feature adoption, surface insights, and inform next priorities.

Role Description This is a senior, hands-on role with intentionally broad scope. Cloud infrastructure, security operations, and regulatory compliance are consolidated into a single function rather than distributed across a large team — which means real ownership, direct access to leadership, and the ability to shape how security is built and operated at Prometheum. Prometheum is actively maturing its security function, and this role will be instrumental in shaping where it goes — you'll be building on an existing foundation and defining what comes next. The right candidate has worked in a lean, regulated environment before and is energized by breadth rather than frustrated by it. - Design and maintain secure AWS cloud infrastructure using Terraform and Terragrunt, focusing on IAM least-privilege, account isolation, and security guardrails across multiple AWS environments. - Manage AWS network security: VPC segmentation and design, Transit Gateway architecture, PrivateLink for service isolation, Network Firewall, and Route 53 Resolver for DNS security. - Manage and maintain Cloudflare infrastructure including DNS, WAF, and edge compute. - Architect and operate Cloudflare Zero Trust — including Access policies, Tunnel configuration for private network routing, Gateway egress filtering and DNS security policies, and WARP client deployment. - Manage and tune AWS-native security tooling: GuardDuty, Security Hub, Config, Inspector, CloudTrail, and WAF. - Integrate security controls into CI/CD pipelines (GitHub Actions) — including SAST, DAST, container image scanning, dependency vulnerability checks, and secrets detection. - Enhance container and workload security through image signing, admission controllers (Kyverno), runtime policies, and base image hygiene. - Manage dependency and patch lifecycle across Docker images, Helm charts, Terraform modules, and application packages. - Own and operate security monitoring and incident response: maintain SIEM/log aggregation pipelines, tune alerting for anomalous behavior and policy violations, lead root cause analysis, and document post-mortems. - Conduct and coordinate vulnerability assessments; track findings through to remediation. - Automate compliance checks and drift detection using infrastructure scanning and policy-as-code tooling. - Participate in on-call rotation to respond to security and infrastructure incidents. - Support SEC and FINRA compliance obligations by implementing and documenting technical controls, and partner with legal and compliance teams during audits and regulatory reviews. - Document infrastructure patterns, access controls, and security architecture for audit readiness. Qualifications - 7+ years of experience in information technology or cloud infrastructure. - 5+ years of experience in infrastructure, security engineering, or DevOps — with meaningful hands-on overlap across all three. - Strong AWS expertise across security-relevant services: IAM, VPC, GuardDuty, Security Hub, Config, CloudTrail, Secrets Manager, KMS, Network Firewall, and PrivateLink. - Production experience with Cloudflare Zero Trust — Access, Tunnel, Gateway, and WARP; familiarity with Cloudflare Workers or edge compute is a plus. - Solid AWS networking knowledge: VPC design and segmentation, Transit Gateway, PrivateLink, Route 53 Resolver, and Network Firewall in a multi-account environment. - Strong Infrastructure-as-Code skills using Terraform and Terragrunt. - Hands-on experience securing CI/CD pipelines: SAST, container scanning, secrets detection, and policy gates in GitHub Actions or similar. - Experience operating a security observability stack; Datadog is our current platform and familiarity with it is a plus. - Experience operating in a regulated financial services environment and the compliance obligations that come with it. - Experience with vulnerability management lifecycle: scanning, prioritization, tracking, and remediation. - Proficiency in at least one scripting or programming language: Python, Go, Bash, or TypeScript. - Strong written communication skills — able to produce documentation that satisfies both engineering and audit audiences. Requirements - Kubernetes/EKS experience at any depth — even working familiarity is valued. - Experience with blockchain infrastructure or digital asset platforms. - Any of the following certifications are valued but not required: AWS Certified Security – Specialty, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Kubernetes Security Specialist (CKS). - Experience with AI-assisted tooling in DevOps or security workflows. - Background contributing to or managing vendor security reviews and third-party risk assessments. - Experience working in a highly regulated financial services environment — broker-dealer, RIA, ATS, or custodian — with direct exposure to SEC or FINRA examinations. - Familiarity with Regulation S-P breach notification workflows, FINRA Rule 4530 incident reporting, or AML/BSA technical control implementation. Benefits - Competitive salary based on experience. - Excellent benefits including: Health, Vision & Dental Insurance. - Fully remote position with equipment provided. - Prometheum is an equal opportunity employer. - Prometheum will only contact candidates from an official @prometheum.com email.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description We are looking for a Fullstack engineer who is motivated to bring their skills and experience working in fin-tech areas to our technology stack. - Working with technical leadership and other developers to implement custody, compliance, operations and post-trade settlement systems within our NodeJS-based back end architecture. - You will be working with internal and external parties to integrate with blockchain systems and APIs. Qualifications - 7+ years’ experience in engineering including both frontend and backend. - Extensive experience of NodeJS and common packages, architectures. - Strong knowledge of TypeScript for both NodeJS and frontend development, improving type safety and code reliability. - Experience designing, maintaining and expanding APIs via REST. - Understanding of GraphQL and building efficient queries/mutations. - Experience building tool chain applications, agents, services, server and client applications in NodeJS or similar. - Thorough working knowledge working with a variety of database, SQL and other storage technologies in NodeJS. - Excellent problem solving skills. - Excellent verbal communication and interpersonal skills. - Experience working in an Agile environment and familiarity with tools like Jira, Trello, and Confluence. - A proven track record developing interfaces with ReactJS, and are proficient with front-end languages (HTML, CSS and Javascript). - Experience with designing and developing microservices-based architectures, especially for complex systems. - Basic understanding of key design principles, and responsive and adaptive design. - Write clean, tested code and value documenting your work for others. - Proficient understanding of client-side JavaScript frameworks, including lodash or underscore. - Good understanding of testing tools like Jest or Mocha. - Proficient understanding of cross-browser compatibility issues and ways to work around them. - Proficient understanding of code versioning tools, specifically including Git. Requirements - Salary Range: $120,000 - $180,000 Benefits - Excellent benefits including Health, Vision & Dental Insurance. - Fully remote position with equipment provided.

• Analyze complex system requirements to determine effective manual and automated test strategies • Design, write, review and execute manual and automated tests and test plans • Setup and maintain local test environment including repositories, databases, environment variables, schema migrations, and dependencies • Setup and maintain configurations to connect to remote test environments including environment variables, VPN configurations, and test blockchain networks • Perform detailed testing of pull requests from development and QA teams • Perform hand-on investigation and debugging using the same tools as developers and infrastructure engineers • Create detailed bug reports and provide recommendations for system improvements based on test outcomes • Provide support during events that require testing, investigation, debugging or other QA-related actions • Collaborate closely with developers and other QA engineers to test, debug, diagnose software and configurations • Collaborate closely with Product Managers and others to review business requirements and analyze test requirements • Attend and participate in Agile meetings for daily updates, backlog refinement, sprint planning, review and retrospectives • Advocate for quality and testability whenever possible

• Design, build, and maintain AWS cloud infrastructure using Terraform, Terragrunt, Helm, ArgoCD, Kubernetes (EKS), and CI/CD pipelines (GitHub Actions) • Manage infrastructure across multiple AWS accounts and environments, ensuring consistency, proper isolation, and security • Maintain and optimize Kubernetes clusters, including EKS upgrades, component updates, and capacity planning • Build and maintain observability systems (Prometheus, Grafana, Datadog) with comprehensive alerting and dashboards • Manage dependency updates and security patches across Docker images, Helm charts, Terraform modules, and application dependencies using automation tools like Renovate • Enhance security posture through least privilege access, signed images, admission controllers (Kyverno), and mTLS • Participate in on-call rotation to respond to incidents, troubleshoot issues, identify root causes, and implement preventive measures • Document infrastructure patterns, best practices, and operational procedures