Principal/Staff Software Security Engineer
New York City; Portland, Oregon; Chicago, Illinois; Los Angeles, California; San Francisco, California; Remote
Gemini
Gemini makes crypto simple. Find, Trade and Buy over 80 coins including bitcoin on the best cryptocurrency platform. Start trading crypto here.Empower the Individual Through Crypto
Gemini is a crypto exchange and custodian that allows customers to buy, sell, store, and earn more than 30 cryptocurrencies like bitcoin, bitcoin cash, ether, litecoin, and Zcash. Gemini is a New York trust company that is subject to the capital reserve requirements, cybersecurity requirements, and banking compliance standards set forth by the New York State Department of Financial Services and the New York Banking Law. Gemini was founded in 2014 by twin brothers Cameron and Tyler Winklevoss to empower the individual through crypto.
Crypto is about giving you greater choice, independence, and opportunity. We are here to help you on your journey. We build crypto products that are simple, elegant, and secure. Whether you are an individual or an institution, we want to help you buy, sell, and store your bitcoin and cryptocurrency. Crypto is not just a technology, it's a movement.
At Gemini, our mission is to empower the individual and that includes giving our employees flexibility of choice — our Office Optional Policy allows employees to choose to work from one of our physical locations or from home.
Select roles that are location-specific will still be eligible for flexible schedules.
The Department: Software Engineering
Gemini is regulated and licensed like a bank, but it’s run like a tech startup, and engineering is the core of the company. There’s a wide range of tough problems to solve at Gemini – from properly securing hundreds of millions of dollars worth of customer funds, to developing innovative new blockchain products, to finding new techniques to combat fraud, to shaving microseconds off our API response times, and everything in between.
All of Gemini’s engineers are able to work across the software platform, not just on their own specialization or subteam. We value a thoughtful, collaborative software development process, coupled with a pragmatic approach to problem solving and delivering software.
The Role: Principal/Staff Software Security Engineer
The Asset Storage team at Gemini develops and manages security tools and platforms, assists users to design and assess the security internal systems, builds automation to simplify manual or complex processes and works directly with cryptographic hardware and trusted execution environments.
Security of customers’ digital assets and personal information held with Gemini is our first and foremost priority. The Asset Storage team develops and maintains a trusted execution environment for the purpose of storing Gemini customer’s digital assets. To more easily manage these assets, we are building a scalable and automated hardware signing environment that includes a build and automation process to ensure system integrity.
In our work, we research applicable hardware and software security approaches to implement tools and approaches to support our hardware signing environment (e.g., one or more of trusted platform modules or TPMs, hardware security modules or HSMs, and trusted execution environments or TEEs). Given the need to automate many of these security engineering processes a candidate can learn or may have experience in automation.
In this role, an engineer will also work closely with various teams including our Security Operations, Product Security, Wallet Engineering, and Platform Engineering teams.
Responsibilities:
- Design, deploy, and maintain security solutions supporting Asset Storage
- Implement secure build software infrastructure that makes use of a trusted platform module (TPM), hardware security module (HSM), trusted execution environment (TEE), smartcard, and/or other similar hardware key storage mechanism
- Research complex business topics around TPMs, HSMs, TEEs, secure build infrastructure, and applied cryptography
- Participate in disaster recovery (DR) scenarios to validate operability of physical and digital material
- Provide first line support through an on-call rotation to support business processes
Minimum Qualifications:
- Experience implementing software in any of the following: operating systems, kernel development, or cryptographic hardware (PKCS#11, FIPS 201-1 PIV, smartcards, TPMs, HSMs, or TEEs)
- Strong understanding of systems/network security, secure protocol design, secure build and supply chain management, encryption, authentication, key management and applied cryptography
- Proficiency in a common scripting language including but not limited to Python, Ruby, etc.
- Able to troubleshoot and debug issues, and demonstrate a methodical approach to root cause analysis
- Strong written and verbal communication skills; attentive to details
Preferred Qualifications:
- Ability to read and write code written in Python, Scala, Java, and C/C++, Golang
- Develop tools and automation that integrate security into systems and process
- Improve the capabilities of the existing hardware security infrastructure with a mindset towards Infrastructure as code (even better if you have familiarity with an automation or configuration tool including Ansible, Chef, Puppet, etc.)
- Hands-on expertise with Hardware Security Modules such as Ultra Keyper, Safenet (Luna), Thales, Yubico
- Knowledge of hardware security, verified/secure boot, tamper resistance, side-channel attacks, anti-cloning, and PUFs
- Demonstrated ability to convert theoretical security concepts into production
- Experience in network engineering and security
- Solid understanding of Product Management and Product Ownership, Agile practices and methodologies
It Pays to Work Here
We take a holistic approach to compensation at Gemini, which includes:
- Competitive Compensation and Profit-Sharing Equity
- Flexible vacation policy
- Retirement Plan Matching
- Generous Parental leave
- Comprehensive health plans
- Training and professional development
At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace and affirmative action employer. If you have a specific need that requires accommodation, please let a member of the People Team know.
#LI-CP1
#LI-REMOTE
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Ansible APIs Automation Banking Blockchain C C++ Compliance Crypto Cryptography Encryption Golang Java Network security Product security Puppet Python Ruby Scala Scripting
Perks/benefits: Competitive pay Equity Flex vacation Home office stipend Parental leave Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs