Member of Technical Staff, Security Operations

2 months, 2 weeks ago
Full-time
Mid Level
Software Development
Anchorage Digital

Anchorage Digital

Anchorage Digital is a regulated crypto platform that provides institutions with integrated financial services and infrastructure solutions. With the only federally chartered crypto bank in the US, as well as Anchorage Digital Singapore, which offers e...

Capital Markets
251-1K
Founded 2017
$487M raised

Description

  • Build and maintain security automation and tooling to detect vulnerabilities across code and live systems.
  • Conduct application security assessments, penetration tests, and code reviews to identify high-risk security issues.
  • Develop and operate vulnerability management workflows with engineering teams to prioritize and remediate findings.
  • Establish and test security guardrails for code, cloud resources, and infrastructure components.
  • Monitor and respond to security events and configuration anomalies, leading investigation and containment efforts.
  • Manage the full vulnerability lifecycle from discovery through remediation and ensure timely closure of findings.
  • Lead or substantially contribute to Security Operations initiatives with minimal oversight.
  • Deliver assurance artifacts and evidence to support regulated entity requirements, audits, and compliance efforts.
  • Document security processes, runbooks, and post-incident reviews to share knowledge and reduce single points of failure.
  • Partner cross-functionally with Engineering, Infrastructure, and Compliance teams to embed security into development and operations.

Requirements

  • 3+ years of hands-on experience in security engineering, application security, penetration testing, or security operations.
  • Experience building or maintaining security tools, integrations, or automation workflows using Python, Go, or similar languages.
  • Ability to identify and assess vulnerabilities in applications, APIs, and cloud infrastructure and communicate remediation strategies.
  • Experience with static and dynamic analysis tools such as Semgrep, CodeQL, Burp Suite, or equivalent.
  • Understanding of AWS security fundamentals, including IAM, VPCs, security groups, and CloudTrail/logging.
  • Ability to investigate security events, perform root cause analysis, and coordinate response efforts.
  • Strong computer science fundamentals, including concurrency, algorithms, and data structures.
  • Experience running or participating in bug bounty programs, such as HackerOne or Bugcrowd, is a plus.
  • Experience in regulated financial services, fintech, or crypto environments is preferred.
  • Relevant certifications such as OSCP, GWAPT, GCIH, or AWS Security Specialty are preferred.

Benefits

  • Remote-friendly role with the option to work in-office in New York City, Sioux Falls, Porto, Lisbon, or Singapore.
  • Quarterly in-person collaboration days for remote employees, sponsored by the company.
  • Opportunity to work at a federally chartered crypto bank with a regulated institutional platform.
  • A global team environment with cross-functional collaboration across engineering, infrastructure, and compliance.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Active Directory / Identity Engineer

Keywords Studios 10K-50K Internet Software & Services

Keywords Group is seeking an experienced Active Directory SME and Azure Identity Lead to guide company-wide identity architecture and support global IT across on-premises and cloud environments.

Active Directory Cybersecurity DHCP DNS PowerShell
17 hours, 30 minutes ago

Senior Manager, Engineering

Sumo Logic 251-1K Internet Software & Services

Sumo Logic is hiring a Senior Manager, Engineering for Application Security to lead global programs that improve product security, reliability, and operational efficiency across its cloud platform.

Agile AWS C++ Docker GCP Java Kafka Kubernetes OWASP Ruby Scala SIEM
18 hours, 15 minutes ago

Senior Security Compliance Engineer

Klaviyo 1K-5K IT Services

Klaviyo is seeking a Senior Security Compliance Engineer to help its Security Trust & Risk team automate and scale compliance operations, continuous monitoring, and GRC tooling across a fast-growing AI-first B2C CRM platform.

AWS CI/CD Go HIPAA Kubernetes Python REST API SQL
18 hours, 15 minutes ago

Security Engineering - Apps and Cloud Security

CallTek 51-250 Internet Software & Services

A security engineer at the company will own cloud and application security initiatives across CSPM, CIEM, CWPP, and AppSec platforms, with a focus on securing multi-cloud environments and enabling DevSecOps.

AWS DevSecOps GCP
18 hours, 15 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers