Security Engineer at CoinTracker

Job Description

Key Responsibilities

• Define and execute the security roadmap, balancing near-term wins with long-term investments across infrastructure, cloud, application security, and security operations
• Conduct security gap assessments and implement baseline controls, policies, and best practices
• Lead key security initiatives including third-party audits (e.g. SOC 2, penetration testing), security certifications (ISO 27001), incident response readiness, and vulnerability management
• Partner closely with engineering teams to embed security into SDLC — from threat modeling to code scanning to secrets management
• Foster a strong security culture across the company by driving awareness, education, and best practices

Job Requirements

• 8+ years of experience in security engineering or related technical roles, ideally in fast-paced startup or growth-stage environments
• Deep understanding of core security domains including application security, infrastructure and cloud security, identity and access management, security operations and incident response
• Hands-on experience implementing security measures and working directly with engineering and infrastructure teams
• Experience with security frameworks like SOC 2, ISO 27001, NIST, and GDPR
• Experience leading or supporting third-party audits, penetration testing, and internal risk assessments
• Resourceful, pragmatic, and comfortable working in ambiguity — able to move fast while building for the long term
• U.S. citizen and U.S. resident
• (Bonus) Familiarity with the unique risks and threat models in crypto or financial services
• (Bonus) Security certifications such as CISSP and GIAC

Benefits