Product Security Engineer

One of the great things about working at MoonPay is that we are fully remote. Our global team spans 25+ countries, and we pride ourselves on having a connected and inclusive culture that empowers people to do their best work. We give our team autonomy to move fast, innovate and take responsibility. Join us in our mission to build a better financial world!

What you’ll do 👀

• Partner with engineering to perform regular product security assessments and threat modelling.
• Respond to vulnerabilities disclosed through our vulnerability disclosure program (bug bounty) and our own vulnerability discovery.
• Maintain internal documentation and standards for security best practices.
• Develop tooling to automate and scale our security assessment processes.
• Design and develop features to improve the security of our products.
• Participate and support the incident detection and response process.
• Provide security advice and mentorship to the engineering team.

You should apply if ✅

• You have a deep knowledge and understanding of modern web technologies and their weaknesses.
• You have hands-on experience performing web application penetration testing, code reviews, architecture reviews and threat modelling.
• You have good programming skills.
• You have experience working with security tooling such as SAST, DAST and IAST.
• You are comfortable explaining technical concepts like vulnerabilities and discussing effective mitigations.
• You have knowledge and experience detecting and mitigating OWASP 10 vulnerabilities
• You are experienced at supporting the response to security incidents.

Bonus points if:

• You have experience working in a regulated industry.
• You have worked with JavaScript codebases and frameworks e.g Typescript, Node.js and React.
• You have completed or are in the process of completing security certifications such as CISSP, GWEB, OSWE.
• You contribute to the security industry through research, talks etc

Research has shown that women are less likely than men to apply for this role if they do not have solid experience in 100% of these areas. Please know that this list is indicative and that we would still love to hear from you even if you feel you only are a 75% match. Skills can be learnt, diversity cannot.

We promote a diverse and inclusive culture at MoonPay.

Logistics 🛠

Unfortunately, we are unable to offer visas of any kind at this time.

For this role we are ideally looking for a candidate based in the US at this time.

Our interview process takes place on Zoom and tends to consist of the following stages:

• Recruiter call (30 minutes)
• Initial screen (30-45 minutes)
• Final interview (2 hours)

Please let us know if you require any accommodations for the interview process, and we’ll do our best to provide assistance.

Benefits 💰

• Stock options 📈
• Unlimited holidays 🏝
• Home office equipment allowance of $600 USD (or local equivalent) 🪑
• Working in a disruptive and fast-growing industry where the possibilities are endless 🚀
• Fully remote: your life, your way of working 🌎
• Freedom, autonomy and responsibility 💪
• Annual company retreat 🧘‍♀️