Security Engineer (Remote)
MAP SSG
- Chandan, Bihar
- Permanent
- Full-time
- 🛠️ Building foundational tools in the cryptocurrency space
- 📄 Over 1M tax forms generated
- 💲 $250B+ in cryptocurrency is tracked on CoinTracker (~over 5% of the entire crypto market)
- 🤝 Partnered with Coinbase, H&R Block, Intuit TurboTax, MetaMask, OpenSea, Phantom, Solana, and Uniswap
- 🗺️ Founders:
, , , , * 🌴 AwesomeYour missionEstablish and scale CoinTracker’s security foundation to meet the needs of our growing B2C, B2B, and B2G businesses.Your one year outcomes
- Define and implement the security roadmap: Identify short-term wins and establish the long-term foundation to scale CoinTracker’s security posture
- Establish core security foundations: Conduct a security gap assessment, implement baseline policies and controls, and lead third-party audits (e.g. SOC 2, pen test) to validate and strengthen our posture
- Embed security into engineering workflows: Introduce secure development practices (e.g. threat modeling, code scanning, secrets management), and partner with teams to proactively identify and mitigate risks in our systems and architecture
- Drive security operations: Define and operationalize security incident response processes, improve monitoring and detection capabilities, establish ongoing vulnerability management, and lead security postmortems to drive continuous improvements
- As CoinTracker’s first Security Engineer, you’ll be hands-on in building the infrastructure, processes, and culture needed to protect our systems, data, and users.
- Define and execute the security roadmap, balancing near-term wins with long-term investments across infrastructure, cloud, application security, and security operations
- Conduct a security gap assessments and implement baseline controls, policies, and best practices
- Lead key security initiatives including third-party audits (e.g. SOC 2, penetration testing), security certifications (ISO 27001), incident response readiness, and vulnerability management
- Partner closely with engineering teams to embed security into SDLC — from threat modeling to code scanning to secrets management
- Foster a strong security culture across the company by driving awareness, education, and best practices
- Impact: Demonstrated ability to drive business impact
- Mission alignment: Hungry and motivated about making progress towards our mission of Enabling everyone in the world to use crypto with peace of mind.
- Trust: Say what you believe. Do what you say.
- Communication: Able to clearly talk about the details and also zoom out to the bigger picture
- 8+ years of experience in security engineering or related technical roles, ideally in fast-paced startup or growth-stage environments
- Deep understanding of core security domains including application security, infrastructure and cloud security, identity and access management, security operations and incident response
- Hands-on experience implementing security measures and working directly with engineering and infrastructure teams
- Experience with security frameworks like SOC 2, ISO 27001, NIST, and GDPR
- Experience leading or supporting third-party audits, penetration testing, and internal risk assessments
- Resourceful, pragmatic, and comfortable working in ambiguity — able to move fast while building for the long term
- U.S. citizen and U.S. resident
- (Bonus) Familiarity with the unique risks and threat models in crypto or financial services
- (Bonus) Security certifications such as CISSP and GIAC