Security Application Engineer

• •Lead comprehensive threat modeling and product security architecture reviews in collaboration with cross-functional teams.
• •Integrate security automation into CI/CD pipelines utilizing SAST, DAST, and continuous vulnerability management tools.
• •Architect and implement secure-by-default cloud infrastructure on AWS using Terraform and Kubernetes.
• •Design and deploy robust encryption services, key management systems (KMS), and advanced data protection controls across distributed environments.
• •Oversee operational security initiatives including corporate bug bounty programs, incident response workflows, and regular penetration testing engagements.
• •Secure next-generation AI-integrated applications by establishing input/output validation protocols and LLM guardrails.
• •Engineer proactive defenses to safeguard platform infrastructure against sophisticated adversaries and nation-state-level threats.

Disrupting an industry takes vision, innovation, passion, technical chops, drive to deliver, collaboration, and execution. Join a team of great people who strive for excellence and personify our corporate values of ownership, craftsmanship, and open communication. We are looking for new colleagues who bring innovative ways of thinking and problem solving, and who want risks to be part of the team that changes the world’s financial markets.

Here are some of the benefits* of working at BitGo:

• •Competitive base salary, bonus and stock options
• •100% company paid health insurance for employee, partner and dependents
• •Up to 4% 401k company match
• •Paid parental leave, Paid vacation
• •Free commuter/parking pass; near BART and Muni
• •Free custom lunches, dinners and snacks
• •Computer equipment and workplace furniture to suit your needs
• •Great colleagues and inspiring startup environment

*Benefits may vary based on location.

• •8+ years of experience engineering and scaling end-to-end security programs for high-growth startups.
• •Proven background securing platforms within FinTech, Web3, and digital asset ecosystems.
• •Strong engineering proficiency in distributed systems, microservices, and languages such as Python or Java.
• •Hands-on mastery of container security, Kubernetes orchestration, and AWS infrastructure hardening.
• •Practical knowledge of implementing technical controls to meet SOC 2 Type II and GDPR compliance standards.
• •Deep expertise in securing AI/ML lifecycles, MLOps frameworks, and agentic AI platforms.
• •Bachelor’s degree in Computer Science, Engineering, or an equivalent technical field.