Digital Assets Security Lead

London, GB | Full-Time | Technology

About Marex

Marex Group plc (NASDAQ: MRX) is a diversified global financial services platform providing essential liquidity, market access and infrastructure services to clients across energy, commodities and financial markets. The group provides comprehensive breadth and depth of coverage across four core services: clearing, agency and execution, market making, and hedging and investment solutions. It has a leading franchise in many major metals, energy and agricultural products, with access to 60 exchanges. The group provides access to the world’s major commodity markets, covering a broad range of clients that include some of the largest commodity producers, consumers and traders, banks, hedge funds and asset managers. With more than 40 offices worldwide, the group has over 2,300 employees across Europe, Asia and the Americas.

For more information visit https://www.marex.com/

Role Overview
Marex is expanding its digital assets capabilities across custody, stablecoin products, OTC liquidity, settlement infrastructure, and global cross-margining. We are seeking a Digital Assets Security Lead to design, implement, and oversee security controls that safeguard digital asset operations, infrastructure, and client assets across the lifecycle. This role will ensure Marex meets the highest standards of cyber resilience, operational integrity, and regulatory compliance as we scale our digital asset product suite.

The Digital Assets Security Lead will be responsible for managing digital-asset–specific cybersecurity risks, including private key security, custody integrations, blockchain transaction integrity, smart-contract risks, cross-platform account security, and regulatory obligations under FCA 5MLD and future UAE/US/APAC licensing frameworks.

Responsibilities:

1. Custody & Wallet Security

  • Design and oversee security architecture for integrated wallet/custody solutions, including MPC-based providers (e.g., Fireblocks, Utila).
  • Evaluate custody vendor security (MPC implementations, HSM usage, governance workflows, key sharding, transaction approval policies).
  • Implement and maintain private key governance, including transaction signing controls, segregation of duties, and auditability.
  • Conduct ongoing due diligence and penetration testing on custody provider integrations.

2. Digital Asset Risk Controls

  • Identify, assess, and manage risks associated with stablecoins, tokenized assets (RWAs), and cross-margining products.
  • Build monitoring and anomaly-detection capabilities for on-chain and off-chain activities.
  • Develop internal control frameworks covering price manipulation risk, oracle risk, fraud, loss, and insider handling vulnerabilities.
  • Design and enforce secure operational processes for spot, NDF, NDO, repo, lending/borrowing, and structured note flows.

3. Trading, Clearing & Settlement Security

  • Assess and secure the “true spot clearing” model, including settlement instructions, blockchain transaction validation, and counterparty trust boundaries.
  • Work with Product, Risk, and Engineering teams to design secure cross-currency margining, account management, and settlement workflows.
  • Implement protections against settlement-layer attacks (double spend, replay, address poisoning, routing attacks).

4. Platform & Infrastructure Security

  • Secure the NEON Crypto platform integration, ensuring safe APIs, authentication, encryption, and hardened microservices.
  • Establish secure SDLC practices for digital-asset components, including smart contract interfaces (if applicable).
  • Oversee cloud security (AWS/Azure/GCP) for digital-asset workloads, including container runtime, secrets management, and network segmentation.

5. Vendor & Third-Party Risk Management

  • Lead technical due diligence and security assessments for new digital-asset vendors, liquidity providers, custodians, and blockchain infrastructure partners.
  • Ensure third-party integrations align with FCA 5MLD requirements and global regulatory expectations.

6. Regulatory & Compliance Alignment

  • Ensure security operations and controls meet FCA 5MLD AML/CTF expectations for digital assets.
  • Prepare for regulatory engagements in UAE, US, and APAC, including cybersecurity readiness assessments.
  • Maintain documentation required for audits, external reviews, SOC/ISO alignment, and future licensing applications.

7. Incident Response & Forensics

  • Develop and manage digital-asset–specific incident response playbooks (key compromise, fraudulent withdrawal, smart contract exploit, chain reorg, etc.).
  • Coordinate with risk, compliance and legal teams to manage incidents with regulatory and client impact.
  • Implement blockchain analytics tools for forensics and post-incident investigation.

8. Governance, Training & Awareness

  • Educate internal stakeholders on digital-asset risk, custody security, transaction approval workflows, and safe operational practices.
  • Establish internal risk committees or governance forums for digital-asset security topics.
  • Produce regular reporting to senior management, the Board, and regulators.

All staff:

  • Ensure compliance with the company’s regulatory requirements under the FCA.
  • Adhere to the operational risk framework for your role, ensuring that all regulatory or company-determined parameters are complied with.
  • Act as a role model, demonstrating the highest standards of integrity and conduct and reflecting Company Values.
  • At all times comply with the FCA’s Code of Conduct.
  • Ensure that you are fully aware of and adhere to internal policies that relate to you, your role or any other activities for which you have any level of responsibility.
  • Report any breaches of policy to Compliance and/or your supervisor as required.
  • Escalate risk events immediately.
  • Provide input to risk management processes, as required.


Qualifications, Experience & Competencies:
Required

  • 7–10+ years of experience in cybersecurity, preferably within financial services.
  • Demonstrated experience securing digital asset systems (custody, wallets, trading venues, crypto exchanges, MPC solutions, or blockchain infrastructure).
  • Strong understanding of blockchain fundamentals, transaction flows, consensus mechanisms, and settlement risks.
  • Experience implementing secure key management solutions (MPC, HSM, KMS, quorum models).
  • Familiarity with AML/CTF, sanctions, and regulatory frameworks for digital assets, ideally including FCA 5MLD.
  • Experience in cloud, API security, network segmentation, identity and access management (IAM), and secure SDLC.

Preferred

  • Prior experience in a regulated crypto exchange, broker, custodian, or institutional trading firm.
  • Certifications such as CISSP, CCSP, CISM, GIAC, or blockchain security qualifications (CBSP, CE|BP).
  • Familiarity with tokenization platforms, stablecoin mechanics, and on-chain analytics tools (Chainalysis, TRM).
  • Experience with Zero Trust architectures and privileged access management for digital-asset environments.

Key Competencies

  • Strong analytical and risk-assessment skills specific to digital assets.
  • Ability to operate independently in a rapidly evolving regulatory and technical landscape.
  • Clear communication skills for senior-level reporting and regulatory interactions.
  • Problem-solving mindset capable of balancing security with business enablement.
  • Ability to collaborate cross-functionally with Risk, Technology, Legal, Compliance, and Trading teams.