Staff Security Engineer

About Paxos 

Today’s financial infrastructure is archaic, expensive, inefficient and risky — supporting a system that leaves out more people than it lets in. So we’re rebuilding it.

We’re on a mission to open the world’s financial system to everyone by enabling the instant movement of any asset, any time, in a trustworthy way. For over a decade, we’ve built blockchain infrastructure that tokenizes, custodies, trades and settles assets for the world’s leading financial institutions, like Mastercard, Visa, Robinhood, and PayPal. 

About the team

The Security team is a specialized, deeply technical, and vigilant group tasked with protecting our digital assets, customer funds, and sensitive data against a sophisticated threat landscape. The team has many pillars, such as Application and Blockchain Security, Cloud Security, Security Operations, GRC, and IT.

About the role 

As a Staff Security Engineer at Paxos, you will play a pivotal role in designing, building, and securing products, infrastructure, and operational flows. You will leverage your expertise in security principles, threat modeling, cloud security, distributed systems, cryptography, and modern software development practices to ensure the security of our platform.

What you’ll do 

• Implement Next-Gen Defenses: Lead the design and implementation of secure infrastructure application architecture, and standards. You will influence the security of our systems, including hot/cold signing services, distributed systems in Kubernetes, network controls, blockchain & asset bridges, etc.

• Drive the Secure SDLC: Embed security into the development lifecycle. You won't just audit code; you will build the pave-the-road tooling and CI/CD guardrails that make it easy for developers to ship secure code by default.

• Threat Modeling & Risk: Conduct deep-dive threat modeling sessions for new products (e.g., new chain integrations, bridge architecture, etc.). You will identify issues and economic attack vectors that automated tools miss.

• Incident Response Leadership: Serve as an Incident Commander during high-severity security events. You will refine our IR playbooks, lead war games/tabletop exercises, and ensure we can detect and neutralize threats in seconds, not days.

• Cryptography & Key Management: Oversee the lifecycle of cryptographic material. You will ensure our use of HSMs (Hardware Security Modules) and key management services adheres to the strictest industry standards..

• Mentorship & Culture: Elevate the team around you. You will mentor Senior and Mid-level security engineers, champion a "security-first" culture within the wider engineering team, and act as a pragmatic partner to Product managers.

About you

• 8+ years of experience securing distributed systems in high-growth technology companies

• Proven track record of leading complex security initiatives from conception to delivery

• Strong experience with microservices architecture (Kubernetes, Istio, etc.) and cloud-native security controls

• Experience mentoring engineers and driving security excellence across teams

• Excellent communication skills with the ability to influence technical decisions across the organization

• Demonstrated experience using AI tools to improve how you work

• Bachelor's degree in Computer Science or equivalent practical experience

Disclaimer: The first week of employment will be conducted in person at our New York City headquarters. By applying to this role, you acknowledge and agree that you will be able to travel to and work from our New York City office for onboarding during this period.

Important Notice for Paxos Applicants

We’ve become aware of fraudulent accounts posting as Paxos recruiters on LinkedIn and other platforms. These scammers attempt to deceive applicants into paying for job opportunities or providing personal financial information.

To verify a legitimate Paxos recruiter:

• We only use @paxos.com email addresses

• We never ask for payment or financial details to apply, interview, or work here

• For technical roles, we do not perform a coding interview without prior screening by our engineering team

Thanks for your interest in Paxos!