Staff Security Engineer, Product Security
Alterya by Chainalysis is an AI-powered crypto fraud prevention tool designed to safeguard customers from authorized push-payment (APP) fraud and secure platforms with advanced threat intelligence.
Funding
Investors
Projects
About Alterya by Chainalysis
Alterya by Chainalysis connects crypto fraud across financial identifiers to block scams instantly. It safeguards customers from authorized push-payment (APP) fraud and secures platforms with AI-powered threat intelligence. The service detects and blocks fraudulent payments before funds leave a customer's account, monitors over $8B in monthly transactions, and protects over 100M users. It helps businesses grow by reducing false declines and increasing approval rates, thereby building customer trust and ensuring compliance with fraud management regulations. Alterya provides 360° protection from scams and money mules by automatically preventing payments to scammers, identifying fraudulent accounts during KYC processes, linking scam activity across networks with reliable intelligence, and tracking fraudulent activity on the platform.
Skills
About the Role
You'll be the technical lead for product security across one or more product areas. You'll run security reviews for new launches and AI tooling, perform hands-on pentests, ship code and fixes directly into product repos, own the Vulnerability Disclosure Program, and drive SOC2 and risk-framework work across R&D. You'll also participate in a shared on-call rotation for production security incidents, partnering closely with product and platform engineering teams to secure the SaaS platform used by governments, banks, and crypto exchanges.
Requirements
- 8+ years of application security engineering experience
- Strong production coding ability in at least one of Java (preferred), TypeScript/JavaScript, Python, or Go
- Building security automation into CI/CD pipelines
- Hands-on penetration testing of production SaaS applications, including custom tests scoped to new product launches
- Threat modeling, secure design reviews, and static/dynamic code analysis across the SDLC
- Identifying and remediating common web application vulnerabilities (OWASP Top 10)
- Experience securing internal AI/LLM platforms and coding agents
Responsibilities
- Lead Product Security across Chainalysis' SaaS offerings, partnering with product and platform engineering teams on design, code, and remediation
- Own Unified Security Review process for new product launches, vendor evaluations, and AI tooling, including custom penetration tests scoped to each review
- Drive Security Engineering Risk Management Framework for consistent risk classification and remediation tracking across product
- Lead the Vulnerability Disclosure Program and security bug reporting workflow, from researcher intake through fix
- Drive SOC2 and compliance-related security remediation across product engineering, partnering with R&D leads on architectural fixes
- Provide security review and guardrails for internal AI platforms and coding agents
- Participate in a shared on-call rotation for high-severity production security incidents
