Create Profile Get Hired (Beta)

Security Architect/Engineer

Alarm Full Time

Job Description

CoinFlip is a leading fintech company powered by cryptocurrency. Believing everyone deserves to participate in the new digital economy, the company operates one of the world’s largest networks of cryptocurrency ATMs — with over 4,000 active kiosks — as well as an over-the-counter trading desk. In 2022, CoinFlip became an international company by expanding into Canada, and launched CoinFlip Ventures, a new initiative designed to support start-up companies. 

CoinFlip placed No. 60 on the 2021 Inc. 5000 list of the nation’s fastest-growing private companies. CoinFlip was also named the 2021 and 2022 #1 fastest-growing company in Chicago by Crain’s Business. 

As our growth trajectory continues, we’re looking to quickly expand all of our teams. It’s an exciting time to join CoinFlip as we’re pursuing additional business lines and continued international expansion to further cement us as a leading financial technology company. 

This role will be critical for ensure security standards are implemented and reviewed for our CoinFlip online customer platform. This includes close collaboration with our design and development teams throughout the development cycle but also when evaluating the underlying infrastructure.
The ideal candidate has a good understanding of crypto, cloud infrastructures and modern technologies. A background in development will be helpful.

Responsibilities and Qualifications:

  • Capable of shifting between architectural reviews, writing security development policies, consulting with engineers or managers, and supporting the security awareness program by providing documented examples and training sessions to developers and engineers
  • Ensure the organization implements a security architecture that enables CoinFlip to grow but also keeps infrastructure and customer data secure
  • Ensure security monitoring is in place to detect and respond to critical events throughout the environment. Experience with solutions like Grafana/Sentinel/Defender and others are key
  • Experience with working in a rapid evolving environment and adoption of new technologies
  • Experience with performing architecture reviews to steer projects in the right direction early, lead security reviews, and develop security ownership throughout the different groups at CoinFlip
  • Experience with creating threat models and leverage them to prioritize based on risk impact. This includes the prioritization of vulnerabilities identified during SAST, DAST and Penetration Testing, but also actively collaborating with the different teams on remediation
  • Hands on experience is a must
  • Preferred certifications include: CEH, CSSLP, AWS Security
  • Nice to Have:

  • Basic knowledge of cryptocurrency and blockchains
  • General passion and knowledge of fintech and crypto
  • Knowledge of cyber risk quantification methodologies
  • CoinFlip


    CoinFlip is a leading financial services platform focused on the digital economy. Headquartered in Chicago, CoinFlip operates the world’s largest network of cryptocurrency ATMs by volume and an over-the-counter trading desk, giving the world quick, easy, and secure access to the benefits of cryptocurrency.

    CoinFlip placed No. 60 on the 2021 Inc. 5000 list, making it the top-ranked cryptocurrency company in the most prestigious ranking of the nation’s fastest-growing private companies. CoinFlip was also named the 2021 #1 fastest-growing company in Chicago by Crain’s and was awarded the 2021 Silver Stevie ® Award for Customer Service.

    With a 5-year growth rate of 1,715,091.9%, the company is looking to quickly expand its current headcount across all departments. It’s an exciting time to join CoinFlip as it plans to add additional business lines, expand internationally, and cement itself as a leading fintech company.

    Similar Jobs

    Application Security Engineer

    Parity Technologies
    Full Time Full Time
    Dec 08, 2022

    Technical Senior Security Program Manager

    Full Time Full Time
    Dec 08, 2022

    Manager, Security Architecture & Engineering

    Genesis Trading
    New York City
    Full Time Full Time
    Dec 25, 2022

    Senior Engineer, Data Engineering

    Full Time Full Time
    Dec 07, 2022

    Staff Data Engineer

    Full Time Full Time
    Dec 07, 2022

    Junior Full-Stack Software Engineer

    Full Time Full Time
    Dec 08, 2022

    Senior Distributed Systems Engineer, Team Lead

    Full Time Full Time
    Dec 07, 2022
    You Might Also Be Interested In The Job Below

    Application Security Engineer

    Remote - Remote
    Alarm Full Time

    Job Description

    We are seeking an innovative and accomplished Application Security Engineer to join the Parity Security team. You will take a critical role in upholding the security of Parity Technologies products, from conceptual in their design to completion.

    You will influence the technical architecture of new products, ensuring that security is a keystone in their designs. You would be the owner of Application security of new and existing products through pentesting and threat modelling, and contributing towards internal tooling and integration to ensure that security is baked into the software development lifecycle. Engineers will come to you as a trusted source of guidance for the secure development and maintenance of their products. Your insight will be consulted for strategic technical decisions, to guarantee that security is not an afterthought in our technical roadmap.

    Being part of the preventative defense for our company, you'll identify and mitigate emerging threats to Parity Technologies environment stemming from vulnerabilities and architectural issues in the earlier stages of our products. Educating engineers on secure development practices will come into play, through a combination of educational software and your guidance. 

    A day in the life:

    • Work with other application security engineers on technical development of project in JavaScript/TypeScript or Rust. Contributing to the main public open-source projects shaping the future of the ecosystem.
    • Provide technical expertise and guidance for developers around the secure development of their products. Keep up to date with evolving InfoSec trends, emerging risks, and growing industry-wide technological shifts.
    • Perform assessments of products, such as pentests, or services that are being tested but are not yet in production.
    • Sympathize with the goals trying to be achieved by other teams; help to push solutions out securely rather than just blocking solutions outright. We're here to work with others getting their products out in a manner that's secure for our customers, not to just reject solutions without context.

    About you:

    • Experience working with JavaScript APIs and Node.js. We use TypeScript, but good if you don’t know it and want to learn it OR Rust programming, you’ve probably played with it in your spare time, if not at a previous job.
    • Ability to learn new technologies and concepts quickly.
    • Have exposure to cryptography, decentralized networking, hardware key management solutions. Basics at least, we want you to be motivated to learn more.
    • Know your security tools and approaches: you should be leading our way when setting up SAST, DAST, fuzzing, property-based testing, symbolic execution, network simulation tools and such.
    • Be a self-starter: most of the time there would be little guidance on which areas to work on first and what to improve there. You’re expected to determine that yourself, keeping company-wide goals in mind, and drive those initiatives to completion.

    If possible, we'd also love you to have:

    • Have experience in threat modelling, red/blue teaming, working with best in class independent security teams and turning their findings into actual deployed fixes in our codebase;
    • Prior work experience in blockchain/cryptocurrency fields.
    • A background in open-source software development.
    • Passionate about Web 3.0 and what it represents for the future.
    • Anywhere in the world, we want you!

    Flexible working and Remote? Yes, please!

    About Parity

    The team at Parity builds core infrastructure to power a better internet. We do this by innovating in and fostering the open-source ecosystem surrounding blockchain development, also known as Web 3.0.

    Every day we interact with technologies controlled by a handful of large companies whose interests often conflict with our own. Despite that conflict, we still use their software either because many of the benefits seem to outweigh any perceived risk, we feel there is no choice, or there is no better alternative. As a result, we end up granting such companies access to our personal data which, in turn, gives them far-reaching control over our digital lives and in that, unprecedented influence over a multitude of globally impactful initiatives and innovations.

    Parity Technologies is a team of the world’s premiere blockchain developers building industry-leading technologies that enable developers to create the next wave of better products and services that respect the freedom and data of individuals. You’ll join at a critical moment when the future of the decentralized web is being shaped, and perform an influential role in making a more equitable society for our future. 

    We primarily steward the Substrate ecosystem which includes Polkadot and Kusama, both of which are next-generation, sharded, multichain networks. Our flagship product, Substrate, is an open-source modular and extensible blockchain-building framework that allows rapid innovation and fast deployment of custom-built blockchains. Substrate provides the core building blocks of blockchains built for deployment to Polkadot and Kusama. Our key programming language is Rust, and all of our work is open source.