Full-Time

VP – Senior Offensive Security Engineer

Updated on 5/9/2024

Galaxy

Galaxy

501-1,000 employees

Financial platform for digital assets and blockchain

Financial Services

Senior, Expert

New York, NY, USA

Required Skills
Python
Communications
Java
Requirements
  • Security certification in cybersecurity testing (OSWE/OSCP/OSWA/eWPTX/BSCP or equivalent)
  • Bachelor or post-graduate diploma in cybersecurity or technology
  • 5+ years experience in security research and web penetration testing
  • 3+ years experience with cloud and container architectures
  • Programming and scripting language experience; Java, C++, Python, or similar languages
  • Attention to detail, to be able to plan and execute tests on a wide range of applications
  • Excellent communication skills and the ability to collaborate effectively with cross-functional teams
  • Ability to think creatively and strategically to identify flaws and vulnerabilities
  • Experience with automated security testing such as DAST, SAST, SCA
Responsibilities
  • Design and implement the security testing program with guidance from the director of product security and help from product security team members
  • Plan testing activities, communicate with involved teams (software engineering, SRE, …)
  • Perform security-focused code reviews
  • Perform manual testing of security features such as authentication, authorization
  • Perform adversarial tests in an ethical manner using manual and automated techniques, creating a repository of methods and scripts that will be augmented regularly; Provide report of vulnerabilities
  • Recommend off-the shelf and specialized testing tools for the firm
  • Develop an extensive knowledge of the technical architecture and business functionality of Galaxy products
  • Help maintain and address stability of the testing environment
  • Be an advocate of security testing to software engineering and product teams, and help them develop a mindset of thinking about adverse scenarios and how a system can be subverted
  • Provide guidance to development and SRE teams on the mitigation of vulnerabilities
  • Stay informed of the latest developments in adversarial tactics and techniques and application vulnerabilities - especially in financial and digital asset space - and adapt the strategy or tooling to address new threats

Galaxy is a leading provider in the digital asset and blockchain industry, offering a comprehensive financial platform that includes Global Markets, Asset Management, and Digital Infrastructure Solutions. The company’s commitment to integrating advanced technologies such as trading, lending, advisory services, and institutional-grade investment solutions, positions it at the forefront of the financial technology space. With additional services like proprietary bitcoin mining and hosting, network validator services, and enterprise custodial technology, this firm not only spearheads technical advances but also ensures secure and efficient digital asset management for its clients.

Company Stage

IPO

Total Funding

$523M

Headquarters

New York, New York

Founded

2018

Growth & Insights
Headcount

6 month growth

0%

1 year growth

-1%

2 year growth

3%