VP, Senior Product Security Engineer
New York
Full Time Senior-level / Expert USD 185K - 225K
Galaxy
Galaxy is a digital asset and blockchain leader helping institutions, startups, and individuals shape a changing economy.Who We Are:
At Galaxy we are building products and services to help the world invest in economic progress. We believe crypto and blockchain innovations will permeate and improve all aspects of our global economy. Our vision is a society where value and ownership flow as freely as information. Galaxy is a digital asset and blockchain leader helping institutions, startups, and individuals access and navigate the crypto economy. As one of the most well-capitalized and trusted companies in the industry, we provide platform solutions custom-made for a digitally native ecosystem across three complementary operating businesses: Global Markets, Asset Management, and Digital Infrastructure Solutions. Our offerings include, amongst others, trading, lending, strategic advisory services, institutional-grade investment solutions across passive, active and venture strategies, proprietary bitcoin mining and hosting services, network validator services, and the development of enterprise custodial technology. Galaxy’s CEO and Founder Michael Novogratz leads a team of crypto enthusiasts, and institutional veterans focused on the future of finance and Web3. The Company is headquartered in New York City, with global across North America, Europe and Asia.
Additional information about the Company's businesses and products is available on www.galaxy.com.
What We Value:
We are a diverse team of free thinkers, and fast movers united to help investors and creators energize the global economy. We are looking for individuals who thrive in a culture of builders and overachievers and embrace high performance, transparent feedback, and a mission-first approach. Our culture shapes our way of working and gets us where we want to be.
- Seek Excellence.
- Be Selective To Be Effective.
- Be Highly Aligned, Loosely Coupled.
- Disagree Transparently.
- Encourage Independent Decision-Making.
- Build Dream Teams.
Who You Are:
We are seeking a Senior Product Security Engineer with an expertise in securing micro services and cloud applications, and with a thorough understanding of product and software engineering processes. The engineer will participate in assessments of advanced trading systems and blockchain architectures, followed by the facilitation and/or implementation of remediations. The engineer will report to the Director of Product Security and work closely with Engineering, Product and Infrastructure teams to design and deliver secure software solutions at a rapid growth company.
What You’ll Do:
- Assist engineering and software delivery teams in assessing the security of the applications, software, and operational components including:
- Participate in relevant secure software design and code reviews.
- Assist with development and review of test plans to ensure effective security coverage.
- Assist teams with the mitigation of findings: assess the impacts, propose possible solutions, and provide technical guidance for implementation.
- Provide expertise and advice on cloud application and infrastructure security design patterns.
- Provide training and thought leadership for secure software development practices
- Review and improve implementations of authentication, authorization, data access and other security layers of our product stack
- Research and collaborate with product team members to make proposals to adopt advanced security patterns - e.g. MPC, multi-signature, confidential computing
What We’re Looking For:
- Bachelor or post-graduate diploma in cybersecurity or technology
- 5 years work experience in product security, application security, cloud security, or software development of security features
- Threat modeling, risk assessment, controls review
- Programming languages
- Managing SAST, DAST, SCA, and helping software engineers with understanding vulnerabilities and selecting appropriate mitigation
- In depth understanding of at least a few of the following topics: authentication and authorization technology, TLS and PKI, network security, cloud security, system security
- Strong analysis skills, detail oriented, strategic thinking
- Strong verbal and written communication skills, collaborative and solution-driven
- Security or cloud certifications
- Familiar with Cryptocurrency
What We Offer:
- Competitive base salary and discretionary bonus
- Flexible Time Off (paid)
- 3% 401(k) company contribution
- Company-paid health and protective benefits for employees, partners, and other dependents
- Generous paid Parental Leave
- Free virtual coaching and counseling sessions through Ginger
- Opportunities to learn about the Crypto industry
- Free daily snacks in-office
- Smart, entrepreneurial, and fun colleagues
- Employee Resource Groups
*Benefits may vary depending on location.
Apply now and join us on our mission to engineer a new economic paradigm.
The base salary ranges included below will be commensurate with candidate experience, expertise and local market. Final offer amounts are determined by multiple factors, including candidate experience and expertise. At Galaxy, we maintain a total compensation philosophy which consists of a competitive base salary, annual bonus, and equity incentives.
Base Salary Range$185,000—$225,000 USDGalaxy respects diversity and seeks to provide equal employment opportunities to all employees and job applicants for employment without regard to actual or perceived age, race, color, creed, religion, sex or gender (including pregnancy, childbirth, lactation and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, marital or partnership or caregiver status, ancestry, national origin, citizenship status, disability, military or veteran status, protected medical condition as defined by applicable state or local law, genetic information or predisposing genetic characteristic, or other characteristic protected by applicable federal, state, or local laws and ordinances.
We will endeavor to make a reasonable accommodation to the known limitations of a qualified applicant with a disability unless the accommodation would impose an undue hardship on the operation of our business. If you believe you require such assistance to complete the application process or to participate in an interview, please contact careers@galaxy.com.
Tags: Application security Blockchain Cloud Crypto DAST Finance Network security PKI Product security Risk assessment SAST TLS Vulnerabilities
Perks/benefits: Competitive pay Equity Flex hours Flex vacation Health care Medical leave Parental leave Salary bonus Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs