Head of Security

Job not on LinkedIn

Yesterday

Apply Now

Receive Emails with Similar Jobs

The Up Next Company

WebsiteLinkedInAll Job Openings

Crypto • Cybersecurity • B2C

The Up Next Company is focused on developing Ephemera, a decentralized and private messaging technology that enables secure communication and enhances the XMTP ecosystem. Their key product, Converse, is an encrypted messenger that facilitates crypto-native interactions, emphasizing data ownership and interoperability. The company's mission is to create foundational technology for a secure layer of the internet, grounded in open-source principles that foster a trusted developer community.

2 - 10 employees

Founded 2023

₿ Crypto

🔒 Cybersecurity

👥 B2C

📋 Description

• Build and own XMTP’s comprehensive security strategy across internal, cyber, travel, and executive domains. • Establish a layered defense model aligned with our mission: *secure the world’s freedom to communicate.* • Create high-clarity frameworks for risk, readiness, response, and prioritization. • Present strategy and risk assessments to leadership, investors, and external partners. • Define and enforce device, tooling, authentication, and access standards. • Oversee MDM, hardware key enforcement, internal permissions, and secrets management. • Implement systems that assume compromise and minimize blast radius. • Own security elements of onboarding and offboarding while partnering with our Ops team for execution. • Lead the digital defense of XMTP’s engineering, infrastructure, cloud systems, and protocol interfaces. • Own threat detection, incident response, monitoring, and vulnerability management. • Partner with Engineering to harden production environments, CI/CD pipelines, and secure key material. • Ensure best-in-class security tooling across endpoints, authentication, and encryption. • Architect the travel security program for staff attending conferences, hackathons, and high-risk environments. • Build protections against proximity attacks, in-person targeting, device cloning, and social engineering. • Standardize travel kits (Faraday protection, privacy screens, secure bags) and protocols. • Train employees for situational awareness and safe operating procedures on the ground. • Develop protocols for device hardening, travel safety, communications security, and identity protection for high-profile individuals. • Establish response plans for impersonation, targeted phishing, and other executive-focused threats. • Partner with Brand and People Operations to embed security into XMTP’s identity - swag, onboarding, systems, and storytelling. • Ensure every internal and external interaction signals XMTP’s security-first culture. • Drive company-wide education that raises awareness and reinforces safe practices. • Select and manage external security firms, penetration testers, and threat intelligence partners. • Own contracts, performance, budgets, and strategic evaluations. • Establish relationships with industry experts and security communities. • Maintain all security documentation: • Incident response • Travel protocols • Device standards • Engineering security guidelines • Internal training • Run tabletop exercises and simulations to test readiness.

🎯 Requirements

• 8–15+ years in cybersecurity, information security, or operational security leadership roles. • Experience owning security for high-growth or high-risk organizations. • Deep understanding of both digital and physical security threats. • Strong operational rigor — you build systems that people actually follow. • Clear, direct communication; high trust and high accountability. • Experience managing sensitive, time-critical incidents. • Comfort working with decentralized systems, privacy tech, or Web3 concepts. • A bias toward clarity, action, and ownership.

🏖️ Benefits

• Fully paid Medical, Dental, Vision • Parental leave • Wellness & lifestyle stipend • Remote-first + equipment budget • Personal assistant support • Unlimited PTO • Semi-annual IRL gatherings