This role will require being full-time onsite at our San Francisco office to support collaborative team dynamics and innovative problem-solving.
We are seeking a Senior Application Security Engineer to lead the technical execution of our product security strategy. This role focuses on securing high-growth FinTech and Web3 digital asset platforms by building end-to-end security programs and integrating automated security controls directly into the software development lifecycle. The ideal candidate has a deep engineering background, hands-on experience defending complex cloud environments, and a passion for securing blockchain-adjacent technologies.
Key Responsibilities:
- Lead comprehensive threat modeling and product security architecture reviews in collaboration with cross-functional teams.
- Integrate security automation into CI/CD pipelines utilizing SAST, DAST, and continuous vulnerability management tools.
- Architect and implement secure-by-default cloud infrastructure on AWS using Terraform and Kubernetes.
- Design and deploy robust encryption services, key management systems (KMS), and advanced data protection controls across distributed environments.
- Oversee operational security initiatives including corporate bug bounty programs, incident response workflows, and regular penetration testing engagements.
- Secure next-generation AI-integrated applications by establishing input/output validation protocols and LLM guardrails.
- Engineer proactive defenses to safeguard platform infrastructure against sophisticated adversaries and nation-state-level threats.
Qualifications:
- 8+ years of experience engineering and scaling end-to-end security programs for high-growth startups.
- Proven background securing platforms within FinTech, Web3, and digital asset ecosystems.
- Strong engineering proficiency in distributed systems, microservices, and languages such as Python or Java.
- Hands-on mastery of container security, Kubernetes orchestration, and AWS infrastructure hardening.
- Practical knowledge of implementing technical controls to meet SOC 2 Type II and GDPR compliance standards.
- Deep expertise in securing AI/ML lifecycles, MLOps frameworks, and agentic AI platforms.
- Bachelor's degree in Computer Science, Engineering, or an equivalent technical field.
Pay Transparency Notice: Depending upon your leveling and location, the compensation for this role averages between $200,000 - $245,000 USD base salary. Equity, an annual performance bonus and the benefits outlined below are also a part of this role's package.
Here are some of the benefits* of working at BitGo:
- Competitive base salary, bonus and stock options
- 100% company paid health insurance for employee, partner and dependents
- Up to 4% 401k company match
- Paid parental leave, paid vacation
- Free commuter/parking pass; near BART and Muni
- Free custom lunches, dinners and snacks
- Computer equipment and workplace furniture to suit your needs
- Great colleagues and inspiring startup environment
*Benefits may vary based on location