Product Security Lead
Location: New Zealand
Founded in 2018 and headquartered in New Zealand we’re a team of over 90 based across NZ, Australia, South Africa, Brazil, Indonesia, Malaysia and the Philippines, collaboratively hustling to make buying, selling and swapping crypto currency, fast, safe and easy for anyone. In fact, we’re probably one of NZ’s fastest growing, biggest businesses that no one has ever heard of.
With over 100,000 users and numbers doubling every 4 months, we’re rapidly expanding, and pride ourselves on seeking out diverse perspectives when it comes to imagining our future. We aren’t constrained by what’s been done in the past, we think about what’s possible and we achieve it as a team. Overall, we think we’re a pretty awesome team to be a part of who will always have your back!
Who we’re looking for:
This role will be instrumental in setting up a consumable baseline of security controls to be used by our Development and Platform teams. With the support of Security leadership, you’ll be responsible to collaborate with Development and Platform team members to understand their needs and constraints, and ensure we’re building and continuously improving the security capabilities which are made available to them.
To sum it up your role will involve:
This role will be instrumental in leading the adoption of security practices in developing our products and services. You’ll be responsible for collaborating with Development and Platform team members to understand their needs and constraints, and ensure we’re building and continuously improving the security capabilities which are made available to them, so we can make the “secure thing”, the “easy thing” to do.
To sum it up your role will involve:
- Working with development teams and helping them implement and manage security capabilities and related outputs, as determined by our security programme. You’ll be building and supporting consumable security capabilities for other teams to use in their process
- Help level up the security team by bringing expertise and pragmatism in addressing technical and business challenges, and support in training the technical organisation in good security practices through practices such as threat modelling and workshop facilitation
- Help ensure our applications are developed securely and you’ll provide leadership in how we do this
- Work with the Platform teams to standardise and provide security capabilities as a component of Platform service adoption across the technical organisation.
- Autonomy to explore different solutions to security challenges, and work with technical teams to recommend and support appropriate tools and practices to our context
- Write and run security tests to integrate into continuous integration and continuous delivery practices, and provide continuous validation of security posture
- Support security tool selection and deployment
- Help manage and prioritise vulnerability remediation
The skills you’ll bring:
- Experience in getting DevSecOps programmes jump-started
- At least 5 years experience in Security Engineer or Application Security related roles, with roles having a strong exposure to Software development. Previous SaaS experience is desirable, but not essential.
- Experience in cloud migration projects (between clouds)
- Proven experience in managing different cloud environments. Experience in GCP and Cloudflare is desirable, but not essential
- Intimate knowledge of CI/CD systems. Experience in Gitlab and Github Actions is desirable but not essential
- Working understanding of OWASP Application Security Verification Standard and Cloud Security practices
- Management or team lead experience is desirable, but not essential
- You love supporting others and making yourself available to help other team members tackle their security challenges, whilst bringing your expertise to help up-skill and be up-skilled by your peers.
Why not check out our website to take a look at how easy we’re making crypto for our customers. We’re still working on our careers page so unfortunately you won’t learn a heap about what it’s like to work for us there (just yet), but here’s a few of the things we think are really great:
- Work remotely from anywhere in NZ.
- We’re remote but not removed- we pride ourselves on connecting socially and connecting no matter what the distance is.
- A team where everyone has a voice and a chance to impact how we succeed- when we say we’re collaborative and we’ll have your back we genuinely mean it.
Submit your CV and cover letter, sharing why you’d like to be part of the Easy Crypto team and we’ll be in touch.
If you have any queries about this role, please reach out to [email protected]
Related Job Positions
Sorry, we couldn't find any posts. Please try a different search.