Principal Security Engineer, Product Security (Break) at Gemini
Help Us Build the Future of Money
Gemini Trust Company, LLC (Gemini) is a licensed digital asset exchange and custodian. We built the Gemini platform so customers can buy, sell, and store digital assets (e.g., Bitcoin, Ethereum, and Zcash) in a regulated, secure, and compliant manner.
Digital assets and blockchain technology have the power to transform the world for good. This truth, along with our core values, form the bedrock of our company and culture. At Gemini, no job is too small and no project too big as we endeavor to build the future of money. We are a mission-driven, team-based, inclusive, and determined community of thought leaders who invest in each other and the long game. Join us in our mission!
The Department: Security
In the emerging industry of digital assets, there is nothing more important than trust (which is why Gemini’s very first hires were Security experts). The Gemini Security team forms the backbone of all that we do and is as diverse as the number of challenges we tackle in the crypto space. From security architecture and engineering to maintenance of cold storage systems and data centers to cybersecurity and litigation support, our team ensures that our customers, clients, and employees are safe, secure, and supported.
The Role: Principal Product Security Engineer (Break)
As a member of the Product Security team, you will share in the responsibility of protecting the company and our customers against application security threats. The ProdSec team is focused on the advancement of modern application security and supports the engineering organization by finding, fixing, and preventing software security vulnerabilities.
As a Principal Product Security Engineer, you will lead efforts to assess and review services, applications, and designs to proactively discover software vulnerabilities. This will involve working closely with multiple groups and organizations within Gemini to enable security and avoid blocking or the unnecessary slowing of development practices.
- Execute security assessments of Gemini’s platform, which includes our web application, mobile application, and infrastructure, hardware, and protocols associated with supporting a growing list of cryptocurrencies.
- Develop tools that make it easier to ship secure code and harder to ship insecure code.
- Review and provide feedback on new features within the Gemini platform.
- Perform threat modeling of our platform and collaborate with engineering teams to educate them on threats and vulnerabilities applicable to Gemini’s platform.
- Develop and share research in the area of product security, vulnerability management, and blockchain / cryptocurrency.
- At least 8 years of experience in application security
- Expertise with common security testing methodologies
- Experience with automated or otherwise highly scalable application security solutions
- Experience with building and customizing tools
- Ability to accurately weigh security risks against business operations and goals
- Strong communication skills and ability to work in a team
- Experience with Scala, Python, or C++
- Experience with smart contracts
- Published or presented security research
- Experience securing mobile applications and infrastructure
It Pays to Work Here
We take a holistic approach to compensation at Gemini, which includes:
- Competitive base salaries across all departments
- Ownership in the company via profit sharing units
- Amazing benefits, 401k match contribution, and flexible hours
- Snacks, Perks, Wellness Outings & Events
Gemini is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need that requires accommodation, please let us know.