Senior Security Engineer Automation

<p><b style="font-size: 16px;">About MoonPay</b></p><p><br></p><p><span style="font-size: 16px;">Hi, we’re MoonPay. We’re here to onboard the world to the decentralized economy by making digital money move as universally and effortlessly as the internet.</span></p><p><br></p><p><b style="font-size: 16px;">Why?</b></p><p><br></p><p><span style="font-size: 16px;">Because crypto, stablecoins and blockchain aren’t just technologies. They’re tools for global financial empowerment. They give people and businesses more control over their money, their digital assets, and their future, opening access to legacy financial systems that have been out of reach for many.</span></p><p><br></p><p><b style="font-size: 16px;">What we do</b></p><p><span style="font-size: 16px;">MoonPay is a unified payments platform for digital currency. We make it easy for anyone, anywhere, to buy, sell, swap and pay in digital currencies as easy as sending an email. That simplicity is intentional, our focus is reducing complexity so people can participate confidently, without needing to be crypto experts. We power the entire flow between fiat and crypto end to end, with compliance, identity checks, fraud prevention, and settlement all built in. This end-to-end approach reflects how we work internally: with accountability, rigor, and trust built into everything we ship.</span></p><p><br></p><p><b style="font-size: 16px;">Proven at scale</b></p><p><br></p><p><span style="font-size: 16px;">Trusted by over 30 million customers and over 500 ecosystem partners, our secure, enterprise-grade platform is driving mainstream crypto adoption worldwide. Behind those numbers are millions of real people and organizations relying on MoonPay every day. </span></p><p><br></p><p><span style="font-size: 16px;">We collaborate with innovative brands and projects to build secure, scalable solutions for a blockchain-powered future. This is an opportunity to help shape systems, not just scale them. And we’re committed to doing it right. Fully licensed in the U.S. and regulated across the UK, EU, Canada, and Australia, because trust and compliance are non-negotiable. </span></p><p><br></p><p><span style="font-size: 16px;">But we’re just getting started. We’ve launched a consumer app that makes crypto accessible, intuitive, and usable for everyone, and it’s growing fast. We’re iterating every day to make it the best it can be. </span></p><p><br></p><p><span style="font-size: 16px;">If you believe financial freedom should be for everyone. If you believe in building a fairer, more open financial system - we want you with us. To build systems that benefit all, we need contributions from all, regardless of background. </span></p><p><br></p><p><span style="font-size: 16px;">Come build the future of payments and the decentralized economy with MoonPay. Let’s make financial freedom and autonomy the new normal.</span></p>\n<p></p><p><br></p><b>About the Opportunity </b><div>
<p>Our Product Security Squad is a dynamic blend of proactive defenders and inquisitive problem-solvers. We're dedicated to fortifying our systems through rigorous security reviews, hands-on penetration testing, and proactive threat modelling. We actively manage our Bug Bounty program, ensuring swift response and remediation, and leverage cutting-edge tools like Cloudflare's WAF to build robust defenses. We offer an extensive number of security services to our Engineering teams including cloud security,&nbsp; tailored security advice, threat modelling and penetration testing. Collaboration is key, as we embed security best practices throughout the SDLC. Crucially, we are expanding our capabilities in security automation and vulnerability management, integrating tooling directly into development workflows and driving efficient vulnerability resolution across the organization. We are constantly researching emerging threats, crafting effective mitigation strategies, empowering our engineering teams with comprehensive training, maintaining up-to-date security standards, and leading incident response with precision. We are passionate about fostering a secure environment and contributing to the wider security community.</p>
</div><p><br></p><b>What you will do</b><div>
<ul>
<li>
<p>Design, implement, and manage the integration of security tooling (SAST, DAST, SCA, Secrets Scanning) into our CI/CD pipelines.</p>
</li>
<li>
<p>Develop and maintain automation scripts and platforms to streamline security processes and workflows.</p>
</li>
<li>
<p>Own and operate the end-to-end vulnerability management lifecycle: identification, triage, prioritization, distribution, tracking, and reporting.</p>
</li>
<li>
<p>Collaborate closely with engineering teams to ensure timely remediation of identified vulnerabilities and provide guidance on secure coding practices.</p>
</li>
<li>
<p>Drive the adoption and implementation of the SLSA framework to enhance supply chain security.</p>
</li>
<li>
<p>Continuously evaluate and improve existing security automation and vulnerability management workflows, bringing innovation and ownership to the process.</p>
</li>
<li>
<p>Research emerging threats and vulnerabilities, particularly those relevant to our tech stack and development practices, translating findings into actionable detection or prevention mechanisms.</p>
</li>
<li>
<p>Develop and maintain documentation for security automation tools, processes, and vulnerability management procedures.</p>
</li>
<li>
<p>Assist in triaging and validating findings from various sources, including automated scanners, penetration tests, and bug bounty programs.</p>
</li>
<li>
<p>Contribute to security training materials focused on secure development practices and the tools you implement.</p>
</li>
<li>
<p>Support incident response activities, particularly where automation or vulnerability data can aid investigation and remediation.</p>
</li>
<li>
<p>Champion and execute the security team's automation strategy for cross-functional needs, actively seeking and implementing automation opportunities based on team feedback.</p>
</li>
</ul>
</div><p><br></p><b>About You </b><div>
<ul>
<li>
<p>You have a solid background in software development with demonstrable experience, ideally using languages common in backend or infrastructure development (e.g., Go, Python, Node.js).</p>
</li>
<li>
<p>You possess a strong passion for cybersecurity and have transitioned or are keen to focus your career on security automation and vulnerability management.</p>
</li>
<li>
<p>You have understanding on security tools like SAST, DAST, SCA, and secrets scanning solutions within a CI/CD environment (here at MoonPay we use Github)</p>
</li>
<li>
<p>You understand the principles of vulnerability management, including prioritization frameworks (e.g., CVSS) and remediation tracking.</p>
</li>
<li>
<p>You are familiar with the concepts and goals of the SLSA framework or similar supply chain security initiatives.</p>
</li>
<li>
<p>You excel at collaborating with technical teams, explaining security concepts and tooling requirements clearly, and driving adoption of new processes.</p>
</li>
<li>
<p>You possess strong analytical and problem-solving skills, with an ability to identify inefficiencies and propose automated solutions.</p>
</li>
<li>
<p>You are self-motivated, innovative, take ownership of your work, and can operate effectively in a remote, fast-paced environment.</p>
</li>
<li>
<p>You will collaborate closely with Application Security and Cloud Security teams to translate their operational needs into actionable automation requirements, taking ownership of implementing related security initiatives.</p>
</li>
<li>
<p>Experience working in disruptive technology, FinTech, SaaS, or Crypto sectors is a plus.</p>
</li>
<li>
<p>Familiarity with cloud security principles (AWS, GCP) is beneficial.</p>
</li>
<li>
<p>Possess a deep understanding of GitHub's functionalities, including advanced features, security settings, and API capabilities.</p>
</li>
<li>
<p>Demonstrate strong administrative skills in managing and maintaining GitHub Enterprise environments, including user access, repository management, and organization settings.</p>
</li>
<li>
<p>Familiarity with GitHub Actions for workflow automation and security enforcement.</p>
</li>
</ul>
</div><p><br></p><b>What you will be working with/on…</b><div>
<p>As a key member of our Product Security squad, specifically in the Automation and Vulnerability Management Team, you will focus on embedding security seamlessly into our Software Development Lifecycle (SDLC). You'll be hands-on in building, integrating, and optimizing security automation pipelines, incorporating tools for static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and secrets detection directly into our CI/CD processes. You will champion and manage our vulnerability management program, ensuring vulnerabilities are identified, prioritized, tracked, and remediated efficiently. You'll drive improvements in our supply chain security through initiatives like the SLSA framework. Collaborating closely with engineering teams, you'll automate security workflows, enhance our security posture through innovation, and play a vital role in protecting MoonPay's infrastructure and applications.</p>
</div><p><br></p><p></p>\n<div>$209.66 - $220.70 a year</div>\n<p><b style="font-size: 24px">BLOCK Values </b></p><p><br></p><p><span style="font-size: 16px">We’re looking for people who live our core values, those who strive for excellence and want to leave a lasting legacy&nbsp;on the global financial system. Our values:</span></p><p><br></p><p><b><span style="font-size: 16px">B</span></b><span style="font-size: 16px"> - Be Hungry</span></p><p><b><span style="font-size: 16px">L</span></b><span style="font-size: 16px"> - Level Up</span></p><p><b><span style="font-size: 16px">O</span></b><span style="font-size: 16px"> - Own It</span></p><p><b><span style="font-size: 16px">C</span></b><span style="font-size: 16px"> - Crypto Curious</span></p><p><b><span style="font-size: 16px">K</span></b><span style="font-size: 16px"> - Kaizen</span></p><p><br></p><p><span style="font-size: 16px">Research has shown that women are less likely than men to apply for this role if they do not have experience in 100% of these areas. Please know that this list is indicative, and that we would still love to hear from you even if you feel that you are only a 75% match. Skills can be learnt, diversity cannot.</span></p><p><br></p><p><span style="font-size: 24px"><b>Benefits &amp; Perks 💡</b></span></p><p><br></p><p><b style="font-size: 12pt">💰</b><b style="font-size: 16px">Competitive salary package </b></p><p><br></p><p><b style="font-size: 12pt">🤝 </b><b style="font-size: 16px">Equity package: </b><span style="font-size: 16px">We believe financial freedom starts with our employees, so all employees have ownership at MoonPay</span></p><p><br></p><p><span style="font-size: 16px">📈 </span><b style="font-size: 16px">Pay for performance equity bonus: </b><span style="font-size: 16px">Those who drive outsized outcomes receive outsized rewards </span></p><p><br></p><p><b>🚀 <span style="font-size: 16px">Moonshot award.</span></b><span style="font-size: 16px"> We honor exceptional impact - 10 employees twice a year, each earning a $250,000 equity grant.</span></p><p><br></p><p><span style="font-size: 16px">🏝 </span><b style="font-size: 16px">Unlimited holidays: </b><span style="font-size: 16px">We give you the autonomy to choose when to work (and when to switch off)</span></p><p><br></p><p><span style="font-size: 16px">🌍 </span><b style="font-size: 16px">Hybrid working schedule: </b><span style="font-size: 16px">Work fully remotely or your nearest Moonbase, the choice is yours </span></p><p><br></p><p><span style="font-size: 16px">🩺 </span><b style="font-size: 16px">Private Healthcare benefits: </b><span style="font-size: 16px">To protect you and your loved ones </span></p><p><br></p><p><span style="font-size: 16px">🍼 </span><b style="font-size: 16px">Enhanced parental leave: </b><span style="font-size: 16px">So you can spend more time with your loved ones without a second thought</span></p><p><br></p><p><span style="font-size: 16px">📚 </span><b style="font-size: 16px">Annual training budget: </b><span style="font-size: 16px">We support your training journey every step of the way </span></p><p><br></p><p><span style="font-size: 16px">🪑 </span><b style="font-size: 16px">Home office setup allowance: </b><span style="font-size: 16px">Create the home office of your dreams </span></p><p><br></p><p><span style="font-size: 16px">👛 </span><b style="font-size: 16px">Remote working allowance: </b><span style="font-size: 16px">Those working fully remotely get a little extra for utilities </span></p><p><br></p><p><span style="font-size: 16px">💰 </span><b style="font-size: 16px">Monthly budget to spend on our products and zero fee crypto transactions: </b><span style="font-size: 16px">Cultivate your inner DEGEN </span></p><p><br></p><p><span style="font-size: 16px">💰 </span><b style="font-size: 16px">Employee referral programme: </b><span style="font-size: 16px">Great people know great people, refer them to receive 10K in USDC </span></p><p><br></p><p><span style="font-size: 16px">✈️ </span><b style="font-size: 16px">Regular remote company offsites: </b><span style="font-size: 16px">Meet your colleagues regularly for high impact in person sessions and hackathons </span></p><p><br></p><p><b style="font-size: 16px">🚀 Working in a disruptive and fast-growing company where excellence is rewarded </b></p><p><br></p><p><br></p><p><br></p><p><b><u><span style="font-size: 18px">Commitment To Diversity</span></u></b></p><p><br></p><p><span style="font-size: 16px">At MoonPay we believe that every voice matters. We strive to create a mindful and respectful environment where everyone can bring their authentic self to work, and experience a culture that is free of harassment, racism, and discrimination. That’s why we are committed to diversity and inclusion in the workplace and are a proud equal opportunity employer. We prohibit discrimination and harassment of any kind based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other characteristic protected by law. This policy applies to all employment practices within our organization, including, but not limited to, hiring, recruiting, promotion, termination, layoff, and leave of absence. </span></p><p><br></p><p><span style="font-size: 16px">MoonPay is also committed to providing reasonable accommodations in our job application procedures for qualified individuals with disabilities. Please inform our Talent Team if you need any assistance completing any forms or to otherwise participate in the application process.</span></p><p><br></p><br/><br/>Please mention the word **ENCHANTINGLY** and tag RMjYwMDoxNzAyOjJlOTA6OWJjMDplYzVkOjk3NzM6MWEyYzpkYmY1 when applying to show you read the job post completely (#RMjYwMDoxNzAyOjJlOTA6OWJjMDplYzVkOjk3NzM6MWEyYzpkYmY1). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.