About Company
Gemini Trust Company, LLC (Gemini) is a next generation cryptocurrency exchange and custodian that allows customers to buy, sell, stake, and store digital assets such as bitcoin and ether. Gemini is a New York trust company that is held to the highest level of fiduciary obligations, capital reserve requirements, and banking compliance standards. Gemini was founded in 2014, by brothers Cameron and Tyler Winklevoss, to build a bridge to the future of money. For more information, visit Gemini.com.
Job Description
Summary
The Department: Threat Detection & Response
In the emerging industry of digital assets, there is nothing more important than trust (which iswhy Gemini’s very first hires were Security experts). The Gemini Security team forms thebackbone of all that we do and is as diverse as the number of challenges we tackle in the crypto space. From security architecture and engineering to maintenance of cold storage systems and data centers to cybersecurity and litigation support, our team ensures that our customers, clients, and employees are safe, secure, and supported.
The Role: Staff Security Engineer
We are seeking an experienced and highly skilled Security Staff Engineer to join our team. This role is crucial in shaping our security strategy, leading the design and implementation of security solutions, and ensuring our infrastructure and applications are robust against threats. The ideal candidate will possess deep expertise in security engineering, strong leadership skills, and a proactive approach to problem-solving.
This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office.
Responsibilities:
- Security Strategy and Leadership:
- Lead the development and implementation of security strategies, policies, and procedures.
- Provide technical leadership and guidance to security engineering teams and other stakeholders.
- Stay current with industry trends, emerging threats, and new technologies to ensure our security practices remain effective.
- Design and Implementation:
- Architect and design secure systems, applications, and infrastructure to protect against threats and vulnerabilities.
- Develop and implement security controls, monitoring systems, and response mechanisms.
- Collaborate with engineering teams to integrate security practices throughout the software development lifecycle.
- Risk Management and Mitigation:
- Identify and assess security risks, vulnerabilities, and threats to our systems and data.
- Develop and implement risk mitigation strategies and incident response plans.
- Conduct regular security assessments, penetration tests, and vulnerability scans.
- Compliance and Governance:
- Ensure compliance with industry standards, regulations, and best practices (e.g., GDPR, CCPA, NIST, ISO 27001).
- Develop and maintain documentation related to security policies, procedures, and compliance requirements.
- Incident Response:
- Lead incident response efforts for security breaches, including investigation, containment, and remediation.
- Conduct post-incident analysis to identify lessons learned and improve security posture.
- Mentorship and Training:
- Mentor and train junior security engineers and other team members on security best practices and technologies.
- Promote a culture of security awareness and continuous improvement within the organization.
- Collaboration and Communication:
- Work closely with cross-functional teams, including IT, development, and operations, to address security concerns and integrate security solutions.
- Communicate security risks, strategies, and updates to senior management and other stakeholders.
Qualifications:
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or an equivalent experience.
- 8-10+ years of experience in security engineering, with a strong background in designing and implementing security solutions.
- Deep expertise in security technologies, including firewalls, intrusion detection/prevention systems, encryption, and vulnerability management.
- Proven experience with cloud security, network security, application security, and identity and access management.
- Strong understanding of security frameworks, standards, and regulations (e.g., NIST, ISO 27001, PCI-DSS).
- Excellent problem-solving skills and the ability to handle complex security challenges.
- Strong communication skills, with the ability to convey technical information to non-technical stakeholders.
It Pays to Work Here
The compensation & benefits package for this role includes:
- Competitive starting pay
- A discretionary annual bonus
- Long-term incentive in the form of a new hire equity grant
- Comprehensive health plans
- 401K with company matching
- Paid Parental Leave
- Flexible time off
Salary Range: The base salary range for this role is between $168,000 - $240,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate’s compensation, we consider a number of factors including skillset, experience, job scope, and current market data.
In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce.
Skills
- Communications Skills
- Cybersecurity Solutions
- Development
- Problem Solving
- Software Engineering
- Strategic Thinking
- Team Collaboration
