Security Incident Officer

👉 To apply, please email your CV to [email protected] with the subject title 'Application for Security Incident Officer'.

Overview

Intersect MBO is the member-based organization that underpins Cardano’s decentralized governance. Formed to ensure that the Cardano ecosystem remains community-led and self-sustaining, Intersect acts as both a convenor and enabler - connecting developers, Delegated Representatives (DReps), project teams, and members to shape the blockchain’s future collectively.

Through its committees, working groups, and open membership model, Intersect develops governance frameworks, coordinates ecosystem initiatives, and supports transparency across technical, strategic, and financial domains. Intersect operates independently of IOG, EMURGO, and the Cardano Foundation, while collaborating closely with them to deliver on Cardano’s long-term vision.

At its core, Intersect is about community governance in action, giving the people who build and use Cardano the power to guide its direction.

The Role

we are seeking an experienced Security Incident Officer to drive the evaluation and development of security process offerings across our organization interfacing to the Cardano blockchain. Reporting to the Head of the Open Source Office and forging close working relationships with the Security Council and technical committees at Intersect, this role will coordinate incident response procedures, engage with developers and community stakeholders, and support network resilience through monitoring, facilitating response drills, and secure software practices.

This is a key role for someone passionate about decentralization, blockchain analysis and security. You will work closely with our members across the Security Council, Technical Steering Committee, and Open Source Committee to evaluate and implement the initial stages of decentralized security tooling and processes on behalf of the MBO.

Key Responsibilities:

Here, security is about collaboration and readiness. As Security Incident Officer, you will be at the center of building a coordinated response framework, ensuring timely communication, and supporting a resilient culture of trust and transparency. You will work hand-in-hand with the Security Council, the Open Source Office, and key ecosystem partners to protect Cardano’s core infrastructure.

• First response and triage. Serve as a public contact for reported security incidents and potential vulnerabilities across the Cardano blockchain and tooling. Expect to be regularly on-call on a rotating basis with other first responders.

• Monitoring and detection. Track and report on available signals relating to the Cardano network, social media, and developer channels for signs of breaches, proposed attacks, or newly discovered vulnerabilities.

• Risk register maintenance. Support efforts to establish and maintain a community risk and vulnerability register - contributing to timely updates and accurate classification of risks.

• Community coordination. Coordinate cross-functional response efforts by engaging stake pool operators (SPOs), developers, and other stakeholders to support timely and effective mitigation.

• Stakeholder communication. Coordinate clear, discreet, and reassuring information flows to community members, developer organizations, and other key stakeholders.

• Procedure development. Define, document, and manage incident response procedures. Support network resilience by facilitating response exercises and encouraging secure software practices.

• Release event oversight. Monitor major releases and manage critical incident processes around them to help facilitate secure deployment and risk mitigation.

• Adoption of best practices. Recommend and coordinate static analysis and CI practices across Intersect-managed codebases.

• Tooling Monitoring. Feasibility, outline design, constraints and indicative costs for an internal chain monitoring solution. Feasibility assessment should include services such as;

  • Transaction monitoring

  • Smart Contract monitoring

  • Wallet and Address tracking

  • Network Health monitoring

  • Analytics & Dashboards

  • Real-Time Alerts & Notifications

Qualifications and Attributes:

Minimum requirements

• Proven experience in incident management and response.

• Background in project coordination, ideally with globally distributed teams.

• Knowledge of code security practices, including CI/CD pipelines, vulnerability scanners, and static analysis tooling.

• Expertise in observability tools and practices (e.g. log analysis, metrics, graphing tools and services like Grafana, Prometheus…).

• Experience working with open-source projects or blockchain ecosystems preferred.

• Familiarity with Cardano Core Node Tech Stack (Node, Govtool, Plutus, etc)

Preferred attributes

• Calm, reassuring presence in high-pressure situations.

• Strong coordination skills to align technical teams during time-critical incidents.

• Discretion and professionalism in handling sensitive security information.

• Ability to communicate clearly with stakeholders concerned about risk to their capital.

• Strong organizational skills to manage simultaneous incidents, drills, and processes.

Compensation and benefits:

Tied to the approved treasury action a salary equivalent of up to $80,000 USD (adjusted to local currency based on experience).

As a growing scale-up, we are in the process of evolving our benefits offering to ensure it reflects our community-first values and global workforce.

Recruitment Process:

The Security Incident Officer will be selected through a three-stage recruitment process. All interviews will be conducted remotely via Google Meets.

• Introductory call: A short introduction call with an internal staff member at Intersect as an opportunity to learn more about the role and to ask questions.

• First stage interview: A panel of three Intersect staff members will conduct a question-based interview focusing on technical and cultural fit. This panel will include:

  • The Open Source Committee (OSC) Secretary, to provide context from the OSC.

  • A Technical Intersect member, to assess broader technical skills.

  • A member of the Senior Leadership Team (SLT), to evaluate cultural alignment.

• Final Stage Interview: This will likely be a case-study based interview hosted by committee representatives (no more than 4 on the panel).