Security Incident Officer

Department: Open Source Office (OSO) – Intersect MBO

Job Function: Security Incident Officer on 12 Month Contract

Salary Range: Tied to the approved treasury action a salary equivalent of $70,000–$80,000 USD, adjusted to local currency based on experience.

Summary At Intersect, a member-led organization supporting Cardano’s decentralized governance, open-source technology, and long-term resilience, we are seeking an experienced Security Incident Officer to drive the evaluation and development of security process offerings across our organization interfacing to the Cardano blockchain. Reporting to the Head of the Open Source Office and forging close working relationships with the Security Council and technical committees at Intersect, this role will coordinate incident response procedures, engage with developers and community stakeholders, and support network resilience through monitoring, facilitating response drills, and secure software practices.

This is a key role for someone passionate about decentralization, blockchain analysis and security. You will work closely with our members across the Security Council, Technical Steering Committee, and Open Source Committee to evaluate and implement the initial stages of decentralized security tooling and processes on behalf of the MBO.

Duties:

• First response and triage. Serve as a public contact for reported security incidents and potential vulnerabilities across the Cardano blockchain and tooling. Expect to be regularly on-call on a rotating basis with other first responders.

• Monitoring and detection. Track and report on available signals relating to the Cardano network, social media, and developer channels for signs of breaches, proposed attacks, or newly discovered vulnerabilities.

• Risk register maintenance. Support efforts to establish and maintain a community risk and vulnerability register - contributing to timely updates and accurate classification of risks.

• Community coordination. Coordinate cross-functional response efforts by engaging stake pool operators (SPOs), developers, and other stakeholders to support timely and effective mitigation.

• Stakeholder communication. Coordinate clear, discreet, and reassuring information flows to community members, developer organizations, and other key stakeholders.

• Procedure development. Define, document, and manage incident response procedures. Support network resilience by facilitating response exercises and encouraging secure software practices.

• Release event oversight. Monitor major releases and manage critical incident processes around them to help facilitate secure deployment and risk mitigation.

• Adoption of best practices. Recommend and coordinate static analysis and CI practices across Intersect-managed codebases.

• Tooling Monitoring. Feasibility, outline design, constraints and indicative costs for an internal chain monitoring solution. Feasibility assessment should include services such as;

  • Transaction monitoring

  • Smart Contract monitoring

  • Wallet and Address tracking

  • Network Health monitoring

  • Analytics & Dashboards

  • Real-Time Alerts & Notifications

Key Competencies

• Calm, reassuring presence in high-pressure situations.

• Strong coordination skills to align technical teams during time-critical incidents.

• Discretion and professionalism in handling sensitive security information.

• Ability to communicate clearly with stakeholders concerned about risk to their capital.

• Strong organizational skills to manage simultaneous incidents, drills, and processes.

Education / Experience

• Proven experience in incident management and response.

• Background in project coordination, ideally with globally distributed teams.

• Knowledge of code security practices, including CI/CD pipelines, vulnerability scanners, and static analysis tooling.

• Expertise in observability tools and practices (e.g. log analysis, metrics, graphing tools and services like Grafana, Prometheus…).

• Experience working with open-source projects or blockchain ecosystems preferred.

• Familiarity with Cardano Core Node Tech Stack (Node, Govtool, Plutus, etc)

Why join Intersect? Intersect is a lean, member-driven organization stewarding critical infrastructure for Cardano and enabling its decentralized governance. This is a unique opportunity to safeguard the ecosystem by strengthening our security posture and helping shape how we respond to incidents across a global, decentralized network.

Here, security is about collaboration and readiness. As Security Incident Officer, you will be at the center of building a coordinated response framework, ensuring timely communication, and supporting a resilient culture of trust and transparency. You will work hand-in-hand with the Security Council, the Open Source Office, and key ecosystem partners to protect Cardano’s core infrastructure.

If you want to be part of a team that not only defends critical systems but also empowers a community to take collective responsibility for security, this is your chance to make a meaningful impact.

To apply, please send a cover note and CV to [email protected]