Project Eleven
Senior Security Engineer

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Senior Security Engineer
Project Eleven: Senior Security Engineer – Apply Now
About Project Eleven
Project Eleven is an applied lab of builders and technologists working at the intersection of quantum computing and cryptography. We build impactful solutions that push the digital-asset ecosystem toward a more secure future.
Our focus is on post-quantum migration: upgrading wallets, identity, and settlement rails to quantum-safe primitives without compromising user experience (UX), composability, or developer workflows.
Our mission is to future-proof digital assets and preserve self-sovereignty in a post-quantum world. We achieve this by building the canonical tooling and products teams can adopt:
- Crypto-agile infrastructure
- Reference implementations
- Integrations that align with real-world constraints: latency, cost, compatibility, key rotation, and recovery
We collaborate with leading ecosystems to make this migration realistic through products, audits, testnets, and cutting-edge research. Our vision is a proven upgrade path, production-ready tooling, and users maintaining control over their assets and identity—before quantum-resistant cryptography (CRQC) becomes universally necessary.
The Role
We’re hiring a Senior Security Engineer to own product and platform security across Project Eleven.
You’ll shape security posture for our institutional product, where security and trust are critical for customer adoption. This is a high-ownership role with a broad scope, encompassing threat modeling, hardening services and supply chains, leading compliance, and collaborating closely with engineering to ensure secure-by-default delivery.
- Full-time, fully remote, based in Europe (GMT to GMT+2).
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
What You’ll Be Responsible For
-
Owning the security posture of our institutional platform:
- Threat models, secure design reviews
- Sensitive operational procedures
- Incident response and postmortem culture
-
Partnering with engineering to drive secure design across backend systems:
- Reviewing cryptographic protocols and integrations
-
Building out our application security program:
- Secure Software Development Lifecycle (SDLC)
- Code review standards
- Supply chain hardening (dependency scanning, vulnerability management)
- Secrets management
-
Establishing and operating:
- Vulnerability management
- Penetration testing cadence
- Bug bounty program
-
Developing incident response capabilities:
- Runbooks
- On-call rotations
- Postmortem culture
-
Collaborating on compliance (SOC 2 Type II is our first milestone):
- Controls, policies, and evidence collection aligned with institutional due diligence
-
Acting as the security voice in:
- Customer conversations
- Due diligence questionnaires
- Security reviews with institutional buyers
What You Bring
-
5+ years in security engineering, with significant ownership of a production security program (not purely advisory or audit-focused)
-
Experience securing high-stakes systems at meaningful scale, with a focus on correctness, durability, or regulatory compliance
-
Strong applied cryptography knowledge:
- Key management
- Signing protocols
- Secure key handling (in use and at rest)
-
Experience guiding an organization through frameworks like:
- SOC 2, ISO 27001, or equivalent
-
Hands-on experience with:
- Cloud security (AWS)
- Modern deployment platforms
- Writing and reading infrastructure code


Get help with your application
Your very own career expert that helps elevate your application to the next level.
-
Track record of partnership with engineering teams, not gating them:
- Deliver security improvements as code and policy, not just ticket-based solutions
-
Pragmatic threat modeling instincts with the ability to balance risk tradeoffs in a fast-moving startup environment
-
Strong English communication, including clear representation of security concepts to institutional customers and auditors
What We’d Love to See
-
Background in institutional digital-asset infrastructure, including experience with:
- Custody platforms
- Exchanges
- HSM-backed systems
- Regulated financial infrastructure
-
Hands-on experience with distributed cryptographic protocols in production:
- MPC (Multi-Party Computation)
- Threshold signing
- HSM integration
-
Knowledge of post-quantum cryptography and its operational implications for cryptographic primitive migration
-
Experience leading incident response for a security-critical product
-
Prior experience as:
- The first security hire at a startup
- Establishing a security function from scratch
-
Offensive security background (red team, pentesting, vulnerability research) in addition to defensive work
-
Open-source contributions to:
- Security tooling
- Cryptography
- Related infrastructure
Equal Opportunity
We remain committed to equal employment opportunity and believe that diverse teams build better products. All qualified applicants will receive consideration without regard to any protected characteristic under applicable law.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location