Security Engineer at CoinTracker

The Security Engineer role at CoinTracker requires a highly experienced professional with deep expertise in security engineering to establish and maintain robust security measures in a crypto or financial services context. This position emphasizes building infrastructure, processes, and a security culture from the ground up.

• 8+ years of experience in security engineering or related technical roles, preferably in fast-paced startup environments.
• Comprehensive understanding of core security domains including application security, infrastructure security, cloud security, identity and access management, and security operations.
• Hands-on experience in implementing security controls, policies, and best practices, with direct collaboration with engineering teams.
• Proven experience with security frameworks such as SOC 2, ISO 27001, NIST, and GDPR, including leading audits and certifications.
• Ability to define and execute security roadmaps, manage ambiguity, and foster a security-aware culture.

CoinTracker, a cryptocurrency-focused company, is likely seeking its first Security Engineer to address the growing need for robust security in the volatile crypto industry. As a startup or growth-stage entity, they require someone who can quickly build and scale security infrastructure, processes, and culture to protect against emerging threats and ensure compliance. The emphasis on experience in fast-paced environments suggests a need for adaptable, pragmatic individuals who can drive innovation while managing risks, potentially indicating a preference for candidates with a background in handling ambiguity and rapid iteration, which is common in the fintech sector.

Interviewers should prioritize candidates who demonstrate strong technical expertise in security engineering, particularly in areas like threat modeling, code scanning, and secrets management within the software development lifecycle. Focus on assessing their ability to lead security initiatives such as penetration testing, SOC 2 audits, and incident response plans, as well as their experience in embedding security practices across teams. Look for evidence of resourcefulness in ambiguous situations, cultural fit in fostering awareness, and relevant experience in crypto or financial services to ensure alignment with CoinTracker's specific threat models and growth trajectory.