Associate, Product Security Engineer
Description For Associate, Product Security Engineer
Galaxy is seeking a Product Security Engineer to join our team of senior ProdSec and offensive security engineers. The engineer will contribute to establishing our secure by design program to all software and production engineering teams, and elaborate standards and best practices to bring efficiency to those engineers as they implement security controls. We are looking for a curious, collaborative, detailed oriented individual who will gradually build a solid understanding of Galaxy business lines and solutions. Based in London, the Product Security Engineer will work with teams in the local office as well as US (where all other members of ProdSec are based) and Hong Kong.
Responsibilities:
- Assist software and production engineering teams in applying threat modeling to their designs
- Assess which security controls are most adequate for a specific design, considering existing policies and standards
- Elaborate standards for engineering teams (e.g., OAuth usage, system/network hardening)
- Help teams understand vulnerabilities reported by security tools (SAST, SCA, container/OS scanners)
- Build solid understanding of London and HK-built technology stacks
- Increase understanding of secure by design program for technology teams and stakeholders
Requirements:
- Bachelor or post-graduate diploma in cybersecurity or technology
- 2+ years work experience in product security, application security, cloud security, or security-focused software development
- Strong understanding of authentication/authorization, TLS/PKI, network security, cloud security, system security
- Experience with threat modeling, risk assessment, controls review
- Familiarity with SAST, DAST, SCA
- Programming experience
- Strong analysis skills and attention to detail
- Excellent verbal and written communication skills
- Experience in financial services and/or blockchain projects (preferred)
- Security or cloud certifications (preferred)
Galaxy offers competitive compensation, comprehensive benefits, and a dynamic work environment in the exciting field of cryptocurrency and blockchain technology.
Responsibilities For Associate, Product Security Engineer
- Assist software and production engineering teams in applying threat modeling to their designs
- Assess security controls for specific designs, considering existing policies and standards
- Elaborate standards for engineering teams (e.g., OAuth usage, system/network hardening)
- Help teams understand vulnerabilities reported by security tools
- Build understanding of London and HK-built technology stacks
- Increase understanding of secure by design program for technology teams and stakeholders
Requirements For Associate, Product Security Engineer
- Bachelor or post-graduate diploma in cybersecurity or technology
- 2+ years work experience in product security, application security, cloud security, or software development of security features
- Strong understanding of authentication, authorization, TLS, PKI, network security, cloud security, system security
- Experience with threat modeling, risk assessment, controls review
- Familiarity with SAST, DAST, SCA
- Programming experience
- Strong analysis skills, detail oriented
- Very good verbal and written communication skills
- Experience in financial services and/or blockchain projects (preferred)
- Security or cloud certifications (preferred)
Benefits For Associate, Product Security Engineer
- Competitive base salary, bonus, and equity compensation
- Company-paid health and protective benefits for employees and their eligible dependents
- Free virtual coaching and counseling sessions
- Opportunities to learn about the Crypto industry
- Smart, entrepreneurial, and fun colleagues
- Employee Resource Groups
