Principal Security Architect

Company: Copper.co
Apply for the Principal Security Architect
Location: London
Job Description:

Role Purpose

The Principal Security Architect is the senior technical authority for security architecture at Copper. The role reports to the CISO and partners closely with Engineering. The holder sets architectural direction, reviews and approves designs for major change, and acts as the firm’s reference point on the security of the systems, protocols, and integrations Copper depends on. The role is predominantly architecture and assurance, with limited hands‑on solution design in the cloud and integration space where reference patterns are needed.

Key Responsibilities

Architectural authority

  • Hold formal security sign‑off authority for major changes to Copper’s platforms, infrastructure, and integrations.
  • Shape and maintain the security architecture patterns, principles, and reference designs that engineering teams build against.
  • Provide the senior technical security position in architectural and business decisions, including escalations where security and delivery pressures conflict.

Custody, signing, and cryptographic architecture

  • Provide architectural security leadership over Copper’s signing infrastructure, working alongside specialist engineering and cryptography teams. Scope covers the people, process, and operational design around MPC‑based signing. Solid conceptual grounding in threshold cryptography and signature schemes is required; cryptographer‑level work is not.
  • Review and approve changes to transaction construction, signing flows, approval policy, and key lifecycle operations.
  • Provide architectural assurance over chain‑of‑trust constructs adjacent to custody, including verifiable build pipelines, hardware‑backed code signing, and authenticator‑bound administrative paths.

Multi‑chain and integration security

  • Reason at architectural depth across the range of blockchains Copper supports, including EVM, UTXO, and account‑based non‑EVM families. This requires a working understanding of transaction construction, signing semantics, consensus assumptions, and validator and staking models across these environments, without being a protocol engineer in any of them.
  • Assess third‑party smart contract architectures, implementations, and audit reports to a level sufficient to understand the exploit and risk surface, without performing line‑by‑line code review.
  • Review first‑party integrations with partner networks, including those underpinning staking and similar on‑chain participation, and form a defensible security position on the operational and contract risk Copper inherits.

Settlement, collateral, and off‑exchange architecture

  • Provide architectural ownership of the security model for Copper’s settlement, collateral mirroring, and off‑exchange product surfaces.
  • Reason about the trust boundaries between Copper, venues, and clients, and ensure architectural controls match the obligations each side carries.

Identity and access architecture

  • Own identity and access architecture as a dedicated pillar of the role.
  • Set patterns for workforce, workload, and third‑party identity across Entra ID, federated SSO, OAuth2 / OIDC, SAML, and modern authenticators.
  • Govern entitlement design, privileged access, and access models for contractors, vendors, and external operators.

Cloud and platform security

  • Maintain working architectural fluency in both AWS and Azure, including network topology, segmentation, secrets handling, and platform telemetry.
  • Produce reference patterns and, where needed, direct integration designs in the cloud and platform space.

Third‑party and protocol risk

  • Lead technical security review of vendors, integrated venues, and protocols, including challenge of assurances that do not stand up to scrutiny.
  • Support client and counterparty due diligence on the technical content most likely to be misrepresented or under‑specified.

Policy, regulatory, and assurance support

  • Maintain a working understanding of the regulatory regimes applicable to Copper’s licensed entities sufficient to translate architectural decisions into language Compliance and GRC can defend. Primary ownership of regulatory positioning sits elsewhere.
  • Contribute to security policy, standards, and control framework development as the senior technical reviewer.
  • Participate in resilience exercises and incident reviews where architectural input materially shapes the outcome.

Skills and Experience

Essential

  • Multi‑chain architectural literacy. Able to reason across EVM, UTXO, and non‑EVM account‑based chains at the level of transaction construction, signing, consensus, and validator models. Comfortable assessing third‑party smart contract designs, implementations, and audit reports for exploit and risk surface without performing code review.
  • Custody and signing architecture. Strong conceptual grasp of threshold signing, signature schemes, and key lifecycle. Able to design and challenge the operational architecture around signing, separation of duties, approval policy, key ceremony equivalents in MPC, and recovery, to a high standard.
  • Settlement and collateral architecture. Demonstrable experience reasoning about settlement, collateral, and off‑exchange constructs, including trust boundaries between custodians, venues, and clients.
  • Identity and access architecture. Senior‑level experience designing and governing identity across Entra ID, federated SSO, OAuth2 / OIDC, SAML, and modern authenticators. Comfortable with entitlement governance and third‑party access design.
  • Cloud security. Working architectural understanding of AWS and Azure, including the ability to produce reference patterns and limited direct integration designs.
  • Architectural authority and judgement. Track record of holding sign‑off on significant designs, taking defensible positions under uncertainty, and owning residual risk.
  • Change review and assurance. Comfortable reviewing the work of engineering peers, infrastructure changes, and vendor designs, and able to hold the line where it matters.
  • Communication. Able to operate credibly with engineers, senior business stakeholders, auditors, and regulators in the same week, without losing precision at any of them.

Desirable

  • Familiarity with chain‑of‑trust constructs including verifiable builds, reproducible build pipelines, and hardware‑backed code signing.
  • Awareness of the regulatory landscape relevant to digital asset custody and trading (for example, FCA, FINMA, FSRA / ADGM, MiCA).
  • Compliance familiarity across ISO 27001, SOC 2, and NIST CSF / 800‑53, with the ability to map controls cleanly between them.
  • Enterprise architecture grounding (TOGAF, SABSA) where it complements rather than replaces technical depth.

Benefits

  • Paid Time Off – A minimum of 35 days of paid time off per year, inclusive of annual leave and public holidays. Employees also receive one additional day of annual leave for each year of service.
  • Comprehensive Medical Insurance – Inclusive of dental, optical, audiology, and mental health coverage, with medical history disregarded
  • Life Insurance
  • Enhanced Pension Contributions – Includes an enhanced employer matching contribution
  • 24/7 Employee Assistance Programme (EAP)

Copper is an equal‑opportunity employer. We embrace diversity and equal opportunities in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. It is in our differences that we will continue to grow and ensure Copper is transforming how institutional investors engage with digital assets. Copper is a Disability Confident Employer, please let us know if you have a disability.

If you require us to provide any assistance during the recruitment process, then we would ask you to highlight this to us and we will be happy to accommodate.

#J-18808-Ljbffr…

Posted: June 11th, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire