Skip to content
Skip to content
Sysadmin Jobs
Rise Works

Lead Security and Infrastructure Engineer (GCP Web3)

Rise Works

Location
Remote (United States)
Compensation
$170k - $210k/yr
Employment
Full-time
Level
Senior Level
Posted 1 day ago

About the Role

Rise is a global payments and payroll platform enabling companies to pay employees and contractors worldwide in fiat or digital assets. This role will own security and infrastructure operations across cloud, application, and on-chain surfaces, playing a key part in a lean, high-ownership team.

Skills

Google Cloud Platform Security Engineering Ethereum EVM Node.js TypeScript MySQL Cloudflare Infrastructure as Code CI/CD Incident Response IAM Secrets Management Vulnerability Management SOC 2 Web3

Benefits

  • 401(k)

Perks

  • Equity
  • Unlimited PTO
  • Flexible Work Schedule
  • Remote Solely

Full job details

About Rise

Rise is a global payments and payroll platform built for the way modern teams actually work - across borders, currencies, and rails. We make it possible for companies to pay full-time employees, contractors, and freelancers anywhere in the world, in either fiat or digital assets, with the compliance, tax, and identity infrastructure handled underneath.


At our core we bridge two worlds: traditional finance and Ethereum-based settlement. Payments can move as stablecoins on-chain or through conventional banking rails, and our platform manages the invoicing, KYC/KYB, onboarding, and reporting that make that seamless for both payers and recipients.


Our stack runs on Google Cloud Platform (Cloud Run, BigQuery), with MySQL, a Node.js / TypeScript application layer, and Cloudflare (including Cloudflare Pages) at the edge. Rise is underpinned by a large smart-contract ecosystem deployed across EVM chains - payments, settlement, and identity flows are anchored on-chain - and we work daily with Ethereum and EVM-compatible networks, wallets, and stablecoin settlement.

Our Culture

We're a lean, high-trust, high-ownership team. Because we move real money for real people, we hold a high bar for correctness, security, and accountability - the work is meaningful precisely because the stakes are real. We value:


  • Ownership over hand-offs. You'll own systems end to end, from design to on-call, and have the autonomy that comes with that.

  • Security as a default, not a phase. Handling funds and personal data means security thinking is part of every decision, not a box checked at the end.

  • Directness and low ego. We give and receive candid feedback, write things down, and prefer clarity over politics.

  • Remote-first discipline. We're a globally distributed team spread across time zones around the world, and we communicate asynchronously with a bias toward documentation and reproducibility.

What You'll Do

Working directly with the CTO, you'll own security, infrastructure ops, and reliability across Rise's cloud, application, and on-chain surfaces. This is a builder's role, not a purely advisory one - you'll harden what exists, design what's missing, and be the person the team turns to when security and infrastructure questions come up. This is a hands-on role: you'll run the day-to-day infrastructure operations behind our code releases and keep our production infrastructure healthy, available, and secure.


You'll have end-to-end accountability for the infrastructure, on a mostly serverless stack that's designed to keep operational overhead low. As Rise grows, you'll have the opportunity to define the security and infrastructure function and build a team beneath you.


Security engineering


  • Own Rise's security posture across cloud, application, and on-chain surfaces.

  • Lead incident response: detection, containment, forensics, remediation, and blameless post-mortems - and build the tooling and runbooks so we respond faster next time.

  • Establish and enforce secure defaults: secrets management, least-privilege IAM, network segmentation, and audit logging.

  • Own secrets management and access governance, applying least privilege and separation of duties across production systems.

  • Run threat modeling, vulnerability management, and periodic security reviews across services and smart-contract integrations.

  • Build detection and alerting for anomalous traffic, abuse, and scanning against our public endpoints (Cloud Run / load balancer / Cloudflare).

  • Drive compliance and audit-readiness efforts (e.g., SOC 2) and represent security to partners and customers.


Infrastructure operations & platform reliability


  • Own the infrastructure operations behind code releases: run and improve the deployment pipelines that ship our fleet of Cloud Run services to production, and be accountable for safe, repeatable releases (rollouts, rollbacks, and release hygiene).

  • Provide day-to-day operational support for our production infrastructure - keeping services healthy and available, responding to operational issues, and doing the maintenance, upgrades, and toil-reduction that keep the platform running.

  • Build and maintain CI/CD, infrastructure-as-code, and deployment pipelines on GCP.

  • Harden Cloud Run services, BigQuery, MySQL, and Cloudflare configuration (WAF, DNS, rate limiting, Pages).

  • Improve observability - logging, metrics, tracing, and alerting - so we find problems before customers do.

  • Be accountable for reliability - capacity, backups, and on-call - for systems that move money, on an architecture designed to keep operational load and toil low.

  • Operate and continuously improve our disaster recovery capability. Own our RTO/RPO targets, manage database backup and point-in-time recovery for our managed MySQL databases, maintain and refine failover procedures and DR runbooks, and run regular restore drills and game days so recovery stays proven, not assumed.


Blockchain / Web3


  • Secure our Ethereum integrations: wallet and key management, transaction signing, and smart-contract interaction.

  • Review on-chain settlement flows for security and correctness, and partner with product engineering on new payment features.

  • Monitor on-chain operations and build safeguards against the failure modes specific to crypto payments.


What We're Looking For

Required


  • Authorized to work in the United States and U.S.-based.

  • 8+ years in DevOps / infrastructure / SRE, with significant security engineering ownership - enough to set direction and be the founding security & infrastructure hire.

  • Deep, hands-on Google Cloud Platform experience (Cloud Run, IAM, networking, BigQuery, logging/monitoring, SecOps, SCC).

  • Strong security fundamentals: IAM and least privilege, secrets/key management, network security, incident response, and vulnerability management.

  • Production experience with Ethereum / EVM - wallets, key management, transaction signing, and smart-contract interaction.

  • Comfort in a Node.js / TypeScript and MySQL environment.

  • Hands-on Cloudflare experience (WAF, DNS, edge security, Pages).

  • Infrastructure-as-code and CI/CD fluency.

  • Proven incident-response track record - you've been in the room when something was on fire and helped put it out.


Nice to have


  • Experience in fintech, payments, or another regulated, funds-handling environment.

  • Security certifications (e.g., CISSP, OSCP, GCP Professional Cloud Security Engineer).

  • SOC 2 / ISO 27001 / PCI experience.

  • Smart-contract security auditing experience.

  • Familiarity with stablecoins and on-chain settlement at scale.


Compensation & Benefits

  • Base salary: $170,000–$210,000

  • Meaningful equity in a growing company.

  • Unlimited PTO and a flexible work schedule - we care about outcomes, not hours.

  • 401(k) with a 3% company grant.

  • Fully remote within the United States.


Why Rise

You'll be the person who owns security and reliability for a platform that moves real money across borders and blockchains. It's a role with genuine scope, genuine autonomy, and genuine stakes - the kind of problem set that's hard to find in one place: cloud, security, and Web3, all at once.


You'll start as a team of one with full ownership - and as Rise grows, you'll have the opportunity to define the security and infrastructure function and build the team around it.