Senior Product Security Engineer
Fully Remote (Worldwide)
MoonPay builds payments infrastructure for cryptocurrencies. Our on- and off-ramp suite of products provides a seamless experience for converting between fiat and crypto using all major payment methods in over 160 countries. Our mission is to make cryptocurrencies accessible to over a billion people by 2030! 🚀
We are trusted by 250+ leading wallets, websites, and applications. Some of the biggest crypto brands in the world, including Bitcoin.com, Dapper Labs, OpenSea, Argent, ZenGo, Trust Wallet and Spot, rely on our technology. Through these partnerships alone, our products are used by over 5 million users worldwide. 🌎
One of the great things about working at MoonPay is that we are fully remote. Our global team spans 25+ countries, and we pride ourselves on having a connected and inclusive culture that empowers people to do their best work. We give our team autonomy to move fast, innovate and take responsibility. Join us in our mission to build a better financial world!
What you’ll do 👀
- Partner with engineering to perform regular product security assessments and threat modeling.
- Respond to vulnerabilities disclosed through our vulnerability disclosure program (bug bounty) and our own vulnerability discovery.
- Maintain internal documentation and standards for security best practices.
- Develop tooling to automate and scale our security assessment processes.
- Design and develop features to improve the security of our products.
- Participate and support the incident detection and response process.
- Provide security advice and mentorship to the engineering team.
As a Senior you will be expected to:
- Mentor and coach other Engineers.
- Contribute to our overall approach and standards within the security discipline.
- Evangelise the adoption of new tools and approaches to security.
You should apply if ✅
- You have a deep knowledge and understanding of modern web technologies and their weaknesses.
- You have hands-on experience performing web application penetration testing, code reviews, architecture reviews and threat modelling.
- You have good programming skills.
- You have experience working with security tooling such as SAST, DAST and IAST.
- You are comfortable explaining technical concepts like vulnerabilities and discussing effective mitigations.
- You have knowledge and experience detecting and mitigating OWASP 10 vulnerabilities
- You are experienced at supporting the response to security incidents.
Research has shown that women are less likely than men to apply for this role if they do not have solid experience in 100% of these areas. Please know that this list is indicative and that we would still love to hear from you even if you feel you only are a 75% match. Skills can be learnt, diversity cannot.
We promote a diverse and inclusive culture at MoonPay.
Bonus points if:
- You have experience working in a regulated industry.
- You have completed or are in the process of completing security certifications such as CISSP, GWEB, OSWE.
- You contribute to the security industry through research, talks etc
Unfortunately, we are unable to offer visas of any kind at this time.
For this role we are ideally looking for a candidate based in Europe or able to work +/-4 GMT working hours.
Our interview process takes place on Google Hangouts and for Product roles consists of the following:
- Recruiter call (30 minutes)
- Initial screen (30-45 minutes)
- Final interview (2 hours)
Please let us know if you require any accommodations for the interview process, and we’ll do our best to provide assistance.
- Competitive salary 💰
- Stock options 📈
- Unlimited holidays 🏝
- Home office equipment allowance of 600 USD (or local equivalent) 🪑
- Working in a disruptive and fast-growing industry where the possibilities are endless 🚀
- Fully remote: your life, your way of working 🌎
- Freedom, autonomy and responsibility 💪
- Annual company retreat 🧘♀️
Explore more Information Security career opportunities
- Open Senior Infrastructure Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open Senior Penetration Tester Jobs
- Open SOC Analyst Jobs
- Open IT Security Engineer Jobs
- Open Principal Security Engineer Jobs
- Open Information Security Architect Jobs
- Open Information Security Officer Jobs
- Open Vulnerability Analyst Jobs
- Open Personnel Security Officer Jobs
- Open Infrastructure Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Senior Information Security Engineer Jobs
- Open Senior Information Security Analyst Jobs
- Open Staff Security Engineer Jobs
- Open Software Security Engineer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open DevOps Security Engineer Jobs
- Open Senior Incident Response Analyst Jobs
- Open Computer Forensic Software Engineer Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open IAM Engineer Jobs
- Open Threat Intelligence Analyst Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Cybersecurity Engineer Jobs
- Open Clearance-related jobs
- Open PCI-related jobs
- Open NIST-related jobs
- Open Open Source-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Machine Learning-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open Intrusion detection-related jobs
- Open OSCP-related jobs
- Open Security assessments-related jobs
- Open IPS-related jobs
- Open Encryption-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open DevSecOps-related jobs
- Open HIPAA-related jobs
- Open Cryptography-related jobs
- Open Unix-related jobs
- Open TCP/IP-related jobs
- Open PowerShell-related jobs
- Open DNS-related jobs