Staff Security Engineer, Threat Detection & Response

Описание вакансии

About the Company

Gemini is a global crypto and Web3 platform founded by Cameron and Tyler Winklevoss in 2014, offering a wide range of simple, reliable, and secure crypto products and services to individuals and institutions in over 70 countries. Our mission is to unlock the next era of financial, creative, and personal freedom by providing trusted access to the decentralized future. We envision a world where crypto reshapes the global financial system, internet, and money to create greater choice, independence, and opportunity for all — bridging traditional finance with the emerging cryptoeconomy in a way that is more open, fair, and secure. As a publicly traded company, Gemini is poised to accelerate this vision with greater scale, reach, and impact.

The Department: Threat Detection & Response

In the emerging industry of digital assets, there is nothing more important than trust (which iswhy Gemini’s very first hires were Security experts). The Gemini Security team forms thebackbone of all that we do and is as diverse as the number of challenges we tackle in the crypto space. From security architecture and engineering to maintenance of cold storage systems and data centers to cybersecurity and litigation support, our team ensures that our customers, clients, and employees are safe, secure, and supported.

The Role: Staff Security Engineer

We are seeking an experienced and highly skilled Security Staff Engineer to join our team. This role is crucial in shaping our security strategy, leading the design and implementation of security solutions, and ensuring our infrastructure and applications are robust against threats. The ideal candidate will possess deep expertise in security engineering, strong leadership skills, and a proactive approach to problem-solving.

This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office.

Responsibilities:

• Security Strategy and Leadership:

+ Lead the development and implementation of security strategies, policies, and procedures.

+ Provide technical leadership and guidance to security engineering teams and other stakeholders.

+ Stay current with industry trends, emerging threats, and new technologies to ensure our security practices remain effective.

• Design and Implementation:

+ Architect and design secure systems, applications, and infrastructure to protect against threats and vulnerabilities.

+ Develop and implement security controls, monitoring systems, and response mechanisms.

+ Collaborate with engineering teams to integrate security practices throughout the software development lifecycle.

• Risk Management and Mitigation:

+ Identify and assess security risks, vulnerabilities, and threats to our systems and data.

+ Develop and implement risk mitigation strategies and incident response plans.

+ Conduct regular security assessments, penetration tests, and vulnerability scans.

• Compliance and Governance:

+ Ensure compliance with industry standards, regulations, and best practices (e.g., GDPR, CCPA, NIST, ISO 27001).

+ Develop and maintain documentation related to security policies, procedures, and compliance requirements.

• Incident Response:

+ Lead incident response efforts for security breaches, including investigation, containment, and remediation.

+ Conduct post-incident analysis to identify lessons learned and improve security posture.

• Mentorship and Training:

+ Mentor and train junior security engineers and other team members on security best practices and technologies.

+ Promote a culture of security awareness and continuous improvement within the organization.

• Collaboration and Communication:

+ Work closely with cross-functional teams, including IT, development, and operations, to address security concerns and integrate security solutions.

+ Communicate security risks, strategies, and updates to senior management and other stakeholders.

Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or an equivalent experience.
• 8-10+ years of experience in security engineering, with a strong background in designing and implementing security solutions.
• Deep expertise in security technologies, including firewalls, intrusion detection/prevention systems, encryption, and vulnerability management.
• Proven experience with cloud security, network security, application security, and identity and access management.
• Strong understanding of security frameworks, standards, and regulations (e.g., NIST, ISO 27001, PCI-DSS).
• Excellent problem-solving skills and the ability to handle complex security challenges.
• Strong communication skills, with the ability to convey technical information to non-technical stakeholders.

It Pays to Work Here

The compensation & benefits package for this role includes:

• Competitive starting pay
• A discretionary annual bonus
• Long-term incentive in the form of a new hire equity grant
• Comprehensive health plans
• 401K with company matching
• Paid Parental Leave
• Flexible time off

Salary Range: The base salary range for this role is between $168,000 - $240,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate’s compensation, we consider a number of factors including skillset, experience, job scope, and current market data.

In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce.

At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know.

#LI-AA1