Senior Security Engineer
Brooklyn, New York, United States
Full Time Senior-level / Expert USD 150K - 200K
Stellar Development Foundation
The Stellar network is an open-source blockchain for payments & asset tokenization. Stellar offers tools and a global ecosystem of developers, entrepreneurs & enterprises.Interested in working on cutting-edge blockchain technology and creating equitable access to the global financial system? Since 2014, the mission-driven team at the Stellar Development Foundation (SDF) has helped fuel the tremendous growth of the Stellar blockchain network, an open-source platform that operates at high-scale today. Recently, the Stellar network saw a significant upgrade in the form of Soroban, a new Smart Contracts platform. Developers and companies around the world are already building on Soroban, and the SDF team is expanding to support the rapidly growing and changing Stellar ecosystem.
SDF is looking for an experienced Security Engineer who will work closely with our engineering and product teams as well as third-party groups to ensure the Stellar ecosystem is secure.
In this role you will:
- Lead efforts to improve our security vulnerability management programs both proactively (audits, etc) and reactively (bug bounties, etc)
- Establish a security framework (processes, training, etc) with engineering teams to incorporate security during all phases of application development lifecycle.
- Build a strong "security minded" community for the long term. Expanding our security framework to the broader community as to help secure the Stellar Ecosystem.
- Identify gaps in tools and automation in the Stellar Ecosystem, and help close those gaps by leveraging all SDF resources available (legal, business partnerships, grants, or developed in house).
You have:
- 5+ years of experience on a SecOps, AppSec team and/or Software development team.
- Strong understanding of security libraries and common security flaws.
- Hands on development experience with various languages. Being able to understand and work with a new language is a plus.
- A strong track record working in a collaborative environment
- Experience consulting with external vendors
- Experience with MITRE, NIST, OWASP frameworks
- Experience with common security / pen testing tools, nmap, Burp Suite
- Experience with automated security scanners: Nessus, Qualys, Snyk
- A strong understanding of OSI protocols such as TCP/IP, UDP, HTTP, HTTPS
- A good understanding of Cloud Infrastructure access controls and best practices.
- A good understanding of Linux
- Experience performing security testing using fuzzing techniques
Nice to have:
- Experience working on open source projects
- Active participation in the crypto community
- Experience with infrastructure solutions like Docker, Kubernetes
- Experience in developing smart contracts
- Experience applying formal methods of verifying blockchain systems
We offer competitive pay with a base salary range for this position of $150,000 - $200,000 depending on job-related knowledge, skills, experience, and location. In addition, we offer lumen-denominated grants along with the following perks and benefits:
USA Benefits/Perks:
- Competitive health, dental & vision coverage
- Flexible time off + 15 company holidays including a company-wide holiday break
- Paid parental leave
- Life & ADD
- Short & Long term disability
- FSA & Dependent Care Accounts
- 401K (4% match)
- Employee Assistance Program
- Monthly gym allowance
- Daily lunch and snacks in-office
- L&D budget of $1,500/year
- Company retreats
Tags: Application security Audits Automation Blockchain Burp Suite Cloud Crypto Docker Kubernetes Linux Nessus NIST Nmap Nonprofit Open Source OWASP Pentesting Privacy Qualys SecOps TCP/IP Vulnerability management
Perks/benefits: 401(k) matching Career development Competitive pay Flex hours Flex vacation Health care Lunch / meals Parental leave Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs