Chief Security Officer

Able is building regulated stablecoin infrastructure for the Gulf region.

We issue aUSD, a yield-bearing stablecoin backed by USDC/USDT on Ethereum, with a roadmap toward fiat-backed issuance.

Our product suite includes a minting and redemption system, an automated yield deployment engine, a consumer-facing application with fiat on-ramp and virtual card functionality, and AI-powered financial management features.

We are looking for a fractional Chief Security Officer to own the end-to-end security posture of Able’s infrastructure, from Solidity contracts through to the consumer application layer.

We need someone deeply technical who can review architecture decisions, manage audit relationships, harden our systems against real threats, and establish strong security practices that scale.

You will work directly with the founding team on a 5–10 hour per week basis.

∙ Design, implement, and enhance company wide security measures protecting and securing our hardware devices, networking, physical infrastructure, company accounts, internal communication tools, crypto tools, backend systems, analytics tooling, signing devices, and more.

∙ Oversee the security of key management, signer rotation policies, and operational procedures.

∙ Manage relationships with external smart contract auditors across multiple audit cycles.

∙ Assess and secure the yield deployment pipeline, where underlying stablecoins are redeployed into DeFi and CeFi yield opportunities, ensuring monitoring for unauthorized fund movement and protocol-level risk.

∙ Review the architecture of our analytics dashboard (stats.able.investments), including authentication (password + passkey/biometrics), DDoS protection, and access controls for sensitive supply and collateralization data.

∙ Harden the consumer application (TypeScript/Node, mobile + desktop) against common attack vectors, with particular attention to wallet interactions, card data handling, and session management.

∙ Assess the security posture of features that interact with user financial data, spending patterns, and subscription management, ensuring appropriate sandboxing and data access controls.

∙ Establish an incident response framework and monitoring/alerting for company wide operations.

What We’re Looking For.

∙ Hands-on experience with custody and multisig infrastructure and key management best practices in production environments.

∙ Familiarity with DeFi protocol risk: yield strategy exposure, oracle dependencies, bridge risk, and composability attack surfaces.

∙ Experience securing Node.js/TypeScript backend systems and consumer-facing applications, including API security, authentication, and mobile app hardening.

∙ Experience working in a financial institution, exchange, trading firm, or other type of company with sensitive data and robust security procedures.

∙ Track record managing external audit firms and coordinating audit cycles from scoping through remediation.

∙ Strong communication skills.

You will be advising founders directly and need to translate security risk into business decisions clearly.