Information Security Officer

About Ceffu

Ceffu is a leading institutional-grade digital asset custody platform, offering secure, compliant, and scalable solutions for enterprises, hedge funds, and financial institutions. Our mission is to provide cutting-edge security and infrastructure to support the seamless integration of blockchain technology into institutional finance.

Job Summary

Ceffu is looking for a skilled and proactive Information Security Officer to join our team in Turkey. This role involves overseeing cryptographic protocols, managing distributed ledger (blockchain) network integration, and supporting broader information security operations. The position is critical in ensuring the confidentiality, integrity, and availability of systems and data in a regulated environment.

This officer will work in addition to personnel involved in system administration, software development, QA, and database management, with a specialized focus on cryptology and DLT security tasks.

Key Responsibilities

• Oversee and implement cryptographic mechanisms used in digital asset custody and transaction signing.
• Lead the integration and security assessment of distributed ledger networks (e.g., blockchain nodes, validator integrations).
• Collaborate with development and infrastructure teams to secure software, networks, APIs, and system environments.
• Identify and mitigate vulnerabilities across cloud, on-premises, and blockchain-based infrastructure.
• Ensure the security of key management systems and hardware security modules (HSMs).
• Support compliance with internal information security policies and Turkish regulatory requirements for crypto service providers.
• Participate in incident response, penetration testing coordination, and system hardening efforts.
• Maintain documentation on cryptographic architecture, security protocols, and integration processes.

Requirements

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Engineering, or a related field.
• 5+ years of experience in information security, with a focus on cryptography, blockchain systems, or infrastructure security.
• Proficiency in cryptographic standards (e.g., PKI, ECC, SHA, HMAC), key management, and blockchain integration (e.g., Ethereum, Bitcoin, Cosmos, etc.).
• Experience working with secure system architecture and distributed systems.
• Strong understanding of Turkish information security regulations and crypto-specific security requirements.
• Excellent problem-solving skills, analytical mindset, and a proactive approach to risk.
• Fluency in Turkish and proficiency in English.

Preferred Qualifications

• Industry certifications: CISSP, CISM, CEH, GIAC, or Blockchain Security Certificate.
• Familiarity with security assessments, penetration testing, and smart contract auditing.
• Experience with MASAK and Turkish compliance frameworks related to data and security.