Security Engineer

About Paxos

Today’s financial infrastructure is archaic, expensive, inefficient and risky — supporting a system that leaves out more people than it lets in. So we’re rebuilding it.

We’re on a mission to open the world’s financial system to everyone by enabling the instant movement of any asset, any time, in a trustworthy way. For over a decade, we’ve built blockchain infrastructure that tokenizes, custodies, trades and settles assets for the world’s leading financial institutions, like Mastercard, Visa, Robinhood, and Pay Pal.

The Security team is a specialized, deeply technical, and vigilant group tasked with protecting our digital assets, customer funds, and sensitive data against a sophisticated threat landscape. The team has many pillars, such as Application and Blockchain Security, Cloud Security, Security Operations, GRC, and IT.

As a Staff Security Engineer at Paxos, you will play a pivotal role in designing, building, and securing products, infrastructure, and operational flows. You will leverage your expertise in security principles, threat modeling, cloud security, distributed systems, cryptography, and modern software development practices to ensure the security of our platform.

• Implement Next-Gen Defenses: Lead the design and implementation of secure infrastructure application architecture, and standards. You will influence the security of our systems, including hot/cold signing services, distributed systems in Kubernetes, network controls, blockchain & asset bridges, etc.

• Drive the Secure SDLC: Embed security into the development lifecycle. You won't just audit code; you will build the pave-the-road tooling and CI/CD guardrails that make it easy for developers to ship secure code by default.

• Threat Modeling & Risk: Conduct deep-dive threat modeling sessions for new products (e.g., new chain integrations, bridge architecture, etc.). You will identify issues and economic attack vectors that automated tools miss.

• Incident Response Leadership: Serve as an Incident Commander during high-severity security events. You will refine our IR playbooks, lead war games/tabletop exercises, and ensure we can detect and neutralize threats in seconds, not days.

• Cryptography & Key Management: Oversee the lifecycle of cryptographic material. You will ensure our use of HSMs (Hardware Security Modules) and key management services adheres to the strictest industry standards.

• Mentorship & Culture: Elevate the team around you. You will mentor Senior and Mid-level security engineers, champion a "security-first" culture within the wider engineering team, and act as a pragmatic partner to Product managers.

• 8+ years of experience securing distributed systems in high-growth technology companies

• Proven track record of leading complex security initiatives from conception to delivery

• Strong experience with microservices architecture (Kubernetes, Istio, etc.) and cloud-native security controls

• Experience mentoring engineers and driving security excellence across teams

• Excellent communication skills with the ability to influence technical decisions across the organization

• Demonstrated experience using AI tools to improve how you work

• Bachelor's degree in Computer Science or equivalent practical experience