Senior Security Architect

Atlanta, GA /
Security /
Full Time

Who We Are
 
Bakkt unlocks the $1.2+ trillion of digital assets that is currently held in cryptocurrencies, rewards and loyalty points, gaming assets and merchant stored value. We began in 2018 with the vision to bring trust and transparency to digital assets. Through the Bakkt Warehouse and Bakkt Bitcoin Futures and Options contracts, we serve institutional clients in an end-to-end regulated market with true price transparency. For consumers, Bakkt aggregates digital assets to enable instant liquidity and to empower users to trade, transfer and pay however they want. Merchants within the Bakkt ecosystem see a lower cost of payment acceptance, enhanced customer engagement, and decreased loyalty through a variety of redemption options.
 

We are searching for a passionate, talented, and customer-focused Senior Security Architect to help us continue to build best-in-class cyber security into our products, both by building upon and improving our existing application and platform security capabilities and by performing or coordinating security assessments targeting our products and underlying architecture. We’re looking for someone who is comfortable speaking with senior leaders about the importance of product security and who also feels right at home looking at or building code or secure design patterns to be used by software engineers. If you’re familiar with building security into modern architectures, cloud infrastructure, and e-commerce or payments systems, and enjoy working in an exciting, fast-paced startup culture, then we want to hear from you!

Responsibilities

    • Own, lead, and evangelize the software security program for Bakkt, ensuring that all Bakkt Products are designed, deployed, and maintained as securely as possible, using a risk-based approach
    • Partner with Product, Development, and Engineering teams to ensure security is a first-class citizen in our Product roadmaps
    • Run or lead internal or external security assessments, respectively, targeting our Products
    • Participate in and lead design sessions with Software Architects, Engineers, and Product Management to effectively build security into new features and capabilities
    • Actively participate in the overall strategic planning of the Security team to identify and implement modern security architectures, standards, and related tools & technologies 

Requirements

    • 8+ years of experience in cyber security
    • 5+ years of security architecture knowledge & experience
    • 3+ years of experience building or leading software security programs
    • 3+ years of experience designing or building / engineering platform security into cloud infrastructures (e.g. AWS, Azure, GCP)
    • 2+ years of experience running and coordinating / leading internal and external penetration testing and/or participating in red team engagements
    • Expertise identifying, triaging, managing, and remediating application security vulnerabilities
    • Expertise with at least one programming language, preferably Java
    • Expertise with automating security into infrastructure, using automation or configuration management tools such as Chef, Puppet, Terraform, Ansible, etc.
    • Expertise with encryption and protection of data both at rest and in transit, along with expertise in related key management tools, techniques, and procedures
    • Experience instrumenting security into a DevOps and CI/CD engineering environment, e.g. static code analysis, software composition analysis, dynamic testing, etc.
    • Experience building privacy by design into products & services
    • Experience securing publicly-facing, e-Commerce-driven web application architectures
    • Experience securing modern, cloud-native architectures, to include APIs, containerization and related orchestration platforms, microservices, service meshes, etc.
    • Experience deploying or managing application security defense solutions, such as web application firewalls, load balancers, DDoS mitigation services, DNS, CDNs, etc.
    • Experience conducting automated or manual code reviews
    • Experience with both the Linux and Windows operating systems
    • Experience working in a regulated industry highly desired
    • Excellent skills effectively articulating security requirements, both in highly technical terms, and in business terms, using a balanced-risk approach
    • Ability to clearly document application security standards, architectural requirements, and other artifacts as needed
    • Four-year college degree preferred, but not required
    • Security certifications in penetration testing, cloud infrastructure, or software security are preferred but not required
Bakkt is devoted to having diversity in its workforce and is proud to be an equal opportunity employer. Bakkt does not make any employment decisions based on race, color, religion, sex, national origin, veteran status, disability, age, sexual orientation, gender identity, or any other characteristic protected by law.