Search...

Senior Security Application Engineer

BitGo logo
BitGo

BitGo is a digital asset infrastructure company offering secure and scalable solutions for the digital asset economy. They provide services like qualified custody, financial services, and protocol solutions to a wide range of clients, from individual investors to large institutions.

Distributed
About BitGo

BitGo is a digital asset infrastructure company trusted by thousands of institutions and millions of investors worldwide since 2013. The company provides battle-tested secure wallets, an intuitive user experience, and support for thousands of digital assets on a single platform, accelerating the transition of the financial system to a digital asset economy. Their offerings include qualified custody, self-custody wallets (hot, cold, and wallet-as-a-service), and financial services such as liquidity, financing, and collateral management. Core services include Wallet Services, Prime Services for liquidity and capital, Ecosystem solutions to list and manage assets, and the Go Network for secure, real-time global settlement. They also provide protocol solutions like staking, restaking, and token management, along with developer tools like an SDK and REST APIs. BitGo caters to various business models and use cases, including solutions for the Lightning Network, Bitcoin, token generation events, and tokenization, emphasizing enterprise-grade security with features like no single point of failure and third-party audits, including SOC certifications.

View jobs by BitGo

Skills

About the Role

You will lead the technical execution of the product security strategy, securing high-growth FinTech and Web3 digital asset platforms. You'll build end-to-end security programs and integrate automated security controls directly into the software development lifecycle. You'll bring your deep engineering background and hands-on experience defending complex cloud environments to secure blockchain-adjacent technologies, working full-time onsite at the Palo Alto office.

Requirements

  • 8+ years of experience engineering and scaling end-to-end security programs for high-growth startups
  • Proven background securing platforms within FinTech, Web3, and digital asset ecosystems
  • Strong engineering proficiency in distributed systems, microservices, and languages such as Python or Java
  • Hands-on mastery of container security, Kubernetes orchestration, and AWS infrastructure hardening
  • Practical knowledge of implementing technical controls to meet SOC 2 Type II and GDPR compliance standards
  • Deep expertise in securing AI/ML lifecycles, MLOps frameworks, and agentic AI platforms
  • Bachelor's degree in Computer Science, Engineering, or an equivalent technical field

Responsibilities

  • Lead comprehensive threat modeling and product security architecture reviews in collaboration with cross-functional teams
  • Integrate security automation into CI/CD pipelines utilizing SAST, DAST, and continuous vulnerability management tools
  • Architect and implement secure-by-default cloud infrastructure on AWS using Terraform and Kubernetes
  • Design and deploy robust encryption services, key management systems (KMS), and advanced data protection controls across distributed environments
  • Oversee operational security initiatives including corporate bug bounty programs, incident response workflows, and regular penetration testing engagements
  • Secure next-generation AI-integrated applications by establishing input/output validation protocols and LLM guardrails
  • Engineer proactive defenses to safeguard platform infrastructure against sophisticated adversaries and nation-state-level threats

Benefits

  • Competitive base salary, bonus and stock options
  • 100% company paid health insurance for employee, partner and dependents
  • Up to 4% 401k company match
  • Paid parental leave, Paid vacation
  • Free commuter/parking pass; near Caltrain
  • Free custom lunches, dinners and snacks
  • Computer equipment and workplace furniture to suit your needs