VP, Senior Product Security Engineer

We are a diverse team of free thinkers, and fast movers united to help investors and creators energize the global economy. We are looking for individuals who thrive in a culture of builders and overachievers and embrace high performance, transparent feedback, and a mission-first approach. Our culture shapes our way of working and gets us where we want to be.

• Seek Excellence.
• Be Selective To Be Effective.
• Be Highly Aligned, Loosely Coupled.
• Disagree Transparently.
• Encourage Independent Decision-Making.
• Build Dream Teams.

Galaxy is seeking a Senior Product Security Engineer with an expertise in securing micro services and cloud applications, and with a thorough understanding of product and software engineering processes. The engineer will participate in assessments of advanced trading systems and blockchain architectures, followed by the facilitation and/or implementation of remediations. The engineer will report to the Director of Product Security and work closely with Engineering, Product and Infrastructure teams to design and deliver secure software solutions at a rapid growth company.

Assist engineering and software delivery teams in assessing the security of the applications, software, and operational components including:

• →Participate in relevant secure software design and code reviews
• →Assist with development and review of test plans to ensure effective security coverage
• →Assist teams with the mitigation of findings: assess the impacts, propose possible solutions, and provide technical guidance for implementation
• →Provide expertise and advice on cloud application and infrastructure security design patterns
• →Provide training and thought leadership for secure software development practices
• →Review and improve implementations of authentication, authorization, data access and other security layers of our product stack
• →Research and collaborate with product team members to make proposals to adopt advanced security patterns - e.g. MPC, multi-signature, confidential computing

• Bachelor or post-graduate diploma in cybersecurity or technology
• 5 years work experience in product security, application security, cloud security, or software development of security features
• Threat modeling, risk assessment, controls review
• Programming languages
• Managing SAST, DAST, SCA, and helping software engineers with understanding vulnerabilities and selecting appropriate mitigation
• In depth understanding of at least a few of the following topics: authentication and authorization technology, TLS and PKI, network security, cloud security, system security
• Strong analysis skills, detail oriented, strategic thinking
• Strong verbal and written communication skills, collaborative and solution-driven
• Security or cloud certifications

• Familiar with Cryptocurrency