Principal Security Engineer

About the Role:

Reporting to the Chief Information Security Officer, the Principal Security Engineer will oversee the activities of the security architecture, engineering and operations of the security team. This position has high visibility and direct responsibility for the effective and efficient architecture of the Security Systems in addition to company and product systems. Additionally, the position will be responsible for driving process refinement and implementation, cross-team/discipline collaboration, maintenance of internal and external stakeholder relationships, and supervision of staff.

Responsibilities:

As part of our team, your core responsibilities will be:

• Architect, design, and implement security solutions, tools, and services to protect Zero Hash’s cloud network environment in collaboration with the Zero Hash Technical Engineering teams.
• Develop and maintain requirements and standards for capabilities that support security operations, threat detection, intelligence, and incident response functions.
• Maintain strong awareness of and support the achievement of Zero Hash’s security operations strategy and future state goals.
• Assess gaps in security operations capabilities, maintaining market and vendor awareness of both trends and advancing capabilities in alignment to the desired architecture.
• Working with Zero Hash’s Cyber Security Operations, identify and support innovation in capabilities necessary to fill critical capability gaps.
• Interface and support Zero Hash’s Security Council, Steering Committees, and Working Groups building strong rapport across teams.
• Assess gaps in Security skills and capabilities to support training and hiring practices on the security team in support of the CISO.
• Leverage threat models to define requirements and identify gaps to address threats
• Perform security reviews of infrastructure, products, and services
• Ensure tight coupling between Security and DevOps through collaboration with engineers
• Provide technical expertise on trends and emerging standards to cloud security landscape
• Work closely with team members to effectively enhance, implement and configure scalable security technologies, and enhance detection and response capabilities
• Implement, review, and maintain strong access controls and identity roles within the cloud infrastructure
• Supports our CISO in additional security projects, as needed

About you:

Baseline skills/experiences/attributes:

• BS degree in related field or equivalent experience. MS degree in a related field or equivalent experience is a plus
• Minimum 10+ years of experience in design and implement security infrastructure services in AWS, and other security solutions including IAM, EDR, MDM, SIEM, KMS, and PAM.
• Experience in AppSec including SAST, DAST, open vulnerability management, and pen testing.

• Thorough understanding of industry and corporate technology standards for security operations.
• Experience developing cybersecurity and IT architectures.
• Demonstrated ability to take ownership and work with cross functional teams to manage multiple projects simultaneously under pressure.
• Advanced analytical and problem-solving skills.
• Consistently demonstrates clear and concise written and oral communication as well as strong presentation skills to both technical and non-technical audiences.
• Hands-on experience working with AWS services and tools such as CloudTrail, CloudWatch, SecurityHub, GuardDuty, Inspector, Shield, WAF, Secrets Manager, and Lambda.
• Familiar with serverless compute such as AWS Lambda and container implementations with EKS, Kubernetes, etc.
• Experience leading design and security reviews of cloud-based systems.

• Ability to work closely with software, SRE, and cloud engineers.
• Software development experience is a plus.
• CISSP, OSCP, GIAC, and or AWS Certified Security Specialty a plus.

Benefits Offered:

We believe that the best way to succeed is by having a happy, motivated and healthy team. We offer the following benefits:

• Healthcare Insurance: Zero Hash covers roughly 100% of employee premiums as well as a portion of spouse/children
• Vision & Dental Insurance
• Mental Health and Wellness Program
• Equity Ownership and Early Exercise
• Maternity & Paternity Leave
• Educational budget of $1000
• WFH stipend of $500
• WeWork All Access Membership
• Visa Sponsorship
• 401k

About Zero Hash:

Zero Hash is a B2B embedded infrastructure platform that allows any platform to integrate digital assets natively into their own customer experience quickly and easily (a matter of API endpoints). We power neo-banks, broker-dealers, and payment groups to offer digital asset trading and custody, crypto-backed rewards and round-ups programs as well as yield through staking and DeFi and NFTs.

Our thesis is very simple: every financial services firm will offer digital assets within the next 2 years and will do so through platforms such as Zero Hash. Zero Hash is defining the new FinTech vertical of digital-assets-as-a-service.

Clients include MoneyLion, Wirex, Deserve, MoonPay, tastytrade, Drivewealth. Backed by Point72 Ventures, NYCA, Bain Capital, tastytrade.

The Zero Hash Culture

All Zero Hash employees are guided by the following characteristics and core principles:

• Independence/Ownership - An ability to work autonomously. Join Zero Hash, pitch ideas, and shape the work you do.

• Passion - We are innovating quickly and challenging the status quo. We want you to think big, be creative and ​make a difference every day.

• Collaborative - A good attitude and respect for others. We’re teammates, not co-workers. Everything we do is a shared success and equally a shared failure - we talk in terms of “we” not “me”.

• Initiative - An ability and passion for learning and asking questions. We will champion you, challenge you and push you to achieve your best - and we expect you to do the same.

• Empathy - An ability to listen, respect, and understand your co-workers, customers, and everyone you interact with no matter how different they are to you.

• Adaptability - An ability to respond quickly. We are in a fast-paced industry and so we expect you to be creative when solving a new problem and comfortable under pressure.

• Transparency - We believe that transparency is critical to empowering everyone to make the best decisions, both the company to its people and vice versa.

• Integrity - Integrity creates trust. As both an organization collectively and as individuals, it is our most valuable asset.

Follow us

Twitter

LinkedIn

Youtube

Blog

For candidates based in Colorado, please contact colorado-wages @zerohash.com to request compensation and benefits information regarding a particular role(s). Please include with you email the city you reside (or intend to reside in Colorado) and the title/link to the roles you're interested in.