Infrastructure Security Engineer

About Quidax

Quidax is where crypto meets limitless possibilities. We’re making digital asset access effortless for individuals, businesses, and fintechs in Africa. Our goal? Providing real value for our customers while driving the future of Finance.

About the Role

We’re looking for an Infrastructure Security Engineer who can build and maintain a strong security posture in a fast-moving, high-stakes financial environment, without slowing the business down.

This role sits at the heart of our security infrastructure, protecting our cloud, networks, endpoints, databases, code repositories, data stores and critical systems. You’ll be designing, re-designing, fixing and continuously improving how we secure Quidax at scale.

If you’re the kind of person who is very meticulous, process oriented, logical and has a passion for cybersecurity technologies — you’ll fit right in.

What You’ll Be Owning

Security Solutions Configuration, Review \& Optimization

• Within 30 days, the Infrastructure Security Engineer should be able to carry out configuration of various security solutions including network firewalls, Endpoint Detection \& Response Solutions, Web Application Firewalls, Cloud Native Application Protection Platforms, Security Incident and Event Management, Security Orchestration Automation and Response Solutions, Identity Provider Solutions and Threat Management Solutions among others.

• Within 90 days, the Infrastructure Security Engineer should be able to carry out reviews \& optimizations on various security solutions in compliance with the established policies.

• Within 180 days, the Infrastructure Security Engineer should review current security baselines \& ensure alignment of all security and technology solutions with the security baselines across all environments (cloud, endpoints, network)

Audits \& Compliance Reviews

• Within 90 days, the Infrastructure Security Engineer should have adequate understanding of our existing infrastructure security systems and technical controls (how they work, effectiveness \& gaps if any) to be able to provide insights during audits \& compliance reviews.

• Within 180 days, the Infrastructure Security Engineer should be able to assume roles within our Information Systems Management framework.

• Within 180 days, the Infrastructure Security Engineer should be able to work with Governance Risk \& Compliance to close audit findings quickly and effectively.

Access Control Management \& Optimization

• Within 30 days, the Infrastructure Security Engineer should have an understanding of our Access Control Policies, Processes \& Technologies.

• Within 30 days, the Infrastructure Security Engineer should be able to take ownership of Access provisioning, decommissioning \& access management optimization.

• Within 90 days, the Infrastructure Security Engineer should have conducted a review of the current access management system, identified gaps and propose recommendations.

Vulnerability Management

• Within 60 days, establish a consistent vulnerability management process across infrastructure and endpoints

• Within 90 days, ensure all critical \& high vulnerabilities have clearly defined remediation SLAs

• Within 180 days, reduce monthly recurring unremediated vulnerabilities by 40%

• Provide clear, actionable vulnerability remediation guidance to Engineering and DevOps teams.

Security Monitoring, Detection \& Response

• Within 30 days, review and be conversant with existing SIEM architecture.

• Within 90 days, identify and document all areas of improvement in our security event monitoring.

• Within 180 days, start implementing all areas of improvement to log aggregation, security event analysis and alerting.

• Within 90 days, identify new playbooks for automated incident response in the SOAR and document the recommendations

• Within 12 months, implement the playbooks for automated incident response recommendations in the SOAR

• Continuously improve detection coverage and incident response automation and orchestration across cloud, endpoints, and network layers.

Secure Cloud \& Network

• Within 30 days, review and understand services \& configurations across multi-cloud platforms.

• Within 60 days, be able to administer security policies \& security services across multi-cloud platforms.

• Within 60 days, partner with relevant Engineering teams to ensure security is embedded in infrastructure design and configuration from day one.

Security Operations \& Automation

• Within 30 days, review existing automations, test them out and identify areas of for optimization/improvement.

• Within 180 days, automate at least 30% of repetitive security operations tasks

• Continuously evaluate and implement new tools that improve detection, prevention, or efficiency

• Continuously improve security policies and enforcement mechanisms

Cross-Functional Security Enablement

• Work closely with Engineering, DevOps, and Product teams to embed security into workflows

• Provide hands-on guidance during system design, deployments, and incident response.

• Promote strong security practices across the company — not just enforce them

Biggest Challenges You’ll Tackle

The biggest challenges you’ll have to tackle are:

1. Figuring out how multiple vendor technologies have been stitched together while having to actively carry out security operation tasks in a new environment

1. Balancing operational security tasks with long-term architecture improvements

1. Integrating with the relevant Engineering teams to ensure security is embedded into our engineering processes.

1. Driving security adoption across teams that just want to ship

1. Securing a fast-growing crypto infrastructure without slowing down product delivery

1. Reducing alert fatigue while improving real threat detection

1. Keeping up with evolving threats in the cloud, blockchain and global security landscape.

What We’re Looking For

Must-haves:

• You’ve secured cloud-native environments in a real-world, high-scale setup

• You can go from “there’s a problem” to “here’s the fix” to “it’s deployed” without hand-holding

• Strong hands-on experience with SIEM, EDR, firewalls, WAFs, vulnerability management tools, Networking concepts (routing, NAT, segmentation, access control), Cloud security (IAM, logging, monitoring, secure configs)

• You can break down complex systems into their simple parts and understand how they are built, how they break and what it takes to fix them.

• You’re proactive and detail-oriented

• You can collaborate with engineers and influence decisions without being the “security police”

• You enjoy Cybersecurity and have a passion for learning about new Technologies.

• You are committed to continuous development and search out the latest vulnerabilities, attack vectors and security solutions.

Nice-to-Haves:

• Experience with implementing security solutions \& driving secure processes in fintech, blockchain, or financial systems

• Experience writing scripts \& automating workflows with technologies like Python,Ansible \& Terraform.

• Experience with implementing DevSecOps processes and technologies including access control, key management, policy gates e.t.c.

• Understanding of blockchain security concepts

• Understanding of AI, it’s risks,AI security and AI security solutions

• Certifications like CCSP, CEH, CCNP, PCNSE, Security\+, AWS

Reporting Line

You’ll report directly to the Chief Information Security Officer (CISO) and work closely with other units in the Information Security team including GRC, Application Security, IT.

You’ll also be close buddies with the Engineering team especially the Engineering Platform \& Devops teams as we partner with them to ensure secure Engineering processes and implementations are in place.

Why Quidax

At Quidax, we’re building the future of finance in Africa through crypto. You’ll have the freedom to innovate, the space to lead, and the backing to build something that truly scales. If you’re ready to build an engineering org that delivers excellence at scale, let’s talk.

What’s In It For You

When you join Quidax, you’re not just taking a job, you’re jumping into a community that’s bold, remote-first, and building for the future. Here’s what you get:

Fair Pay \+ Ownership

Competitive sala...