Senior Security Engineer, Corporate Security

About Us

Turnkey is developer-first infrastructure for private key management, making it simple to create wallets, sign transactions, and automate on-chain actions through one elegant API, without ever exposing sensitive key material. Founded by the team who scaled Coinbase Custody from zero to a $100M+ ARR business and helped protect over $100B in crypto assets, Turnkey is tackling crypto security at its foundational level. Our mission is to make strong cryptography the default across the open internet the same way AWS made scalable computing the default for software.

Our Team

Our team is low-ego, high-agency, and high-autonomy, with a significant amount of combined experience in cryptography, security, and low-level systems. We're building the trustless, programmable infrastructure that will power the next wave of mass-market crypto applications and we're looking for people who want to shape what that future looks like.

Role Overview

We are hiring a Senior Corporate Security Engineer to own and scale the security of Turnkey's corporate infrastructure. This is a foundational role - you'll be the first dedicated corporate security hire, working directly with the security lead to build enterprise security capabilities from the ground up.

In this role, you’ll protect Turnkey’s people, endpoints, SaaS, identity systems, and internal infrastructure, securing our distributed workforce while enabling the team to move quickly without compromising safety. Sitting at the intersection of security engineering, IT operations, and risk management, you’ll design and build security controls that are both robust and user-friendly, ensuring the company remains secure as it scales.

What You’ll Do

• Build & Secure Corporate Infrastructure: Design, implement, and manage security for endpoints and distributed systems; deploy and operate our security stack (MDM, EDR/XDR, ZTNA, SSO); enforce zero-trust principles, least-privilege access, and hardening standards
• Drive Security Initiatives & Risk Reduction: Lead initiatives around endpoint hardening, access controls, and vendor risk; conduct security design reviews, risk assessments, and vulnerability remediation; develop and enforce security policies and best practices.
• Detection, Response & Automation: Respond to security incidents with urgency and technical depth; collaborate on detection rules, alerts, and monitoring; automate workflows and create runbooks and playbooks to scale security operations efficiently.
• Foster Security Culture & Education