Crypto Security Engineer

About Binance.US: 

Binance.US is America's home to buy, trade, and earn digital assets. As a licensed and regulated U.S. crypto platform, Binance.US offers some of the lowest fees in the industry and provides secure and reliable access to more than 160 of the world’s most popular cryptocurrencies. We’re on a mission to empower people to do more with their money. The new economy has arrived and we’re committed to helping everyone access the world of blockchain and crypto. To learn more about Binance.US, visit https://www.binance.us/. All roles supporting Binance.US are employed via BAM Management US Holdings Inc. or BAM Management Canada Holdings Inc.

About This Role:

The Crypto Security Engineer is part of the Security team and reports to our Crypto Engineering & Security Director. As a Crypto Security Engineer, you will be responsible for safeguarding the company's digital assets by architecting and maintaining the security of our custody infrastructure and blockchain integrations. As Crypto Security Engineer you will partner with Engineering, Compliance, and Operations, to ensure the end-to-end security and integrity of the Binance.US platform and its digital assets.

Core Responsibilities:

• Own Wallet & Custody Security: Architect, implement, and own the security of our institutional-grade digital asset custody infrastructure. This includes designing secure wallet architectures, managing advanced key management solutions, and ensuring the cryptographic integrity of all assets.

• Blockchain Protocol & Staking Security: Serve as the subject matter expert on the security of various blockchain protocols. Analyze and mitigate risks associated with staking, delegation, and validator operations across a diverse set of networks.

• Threat & Vulnerability Management: Proactively identify, assess, and mitigate security risks across our crypto-native systems. Conduct threat modeling, penetration testing, and continuous vulnerability analysis of our blockchain infrastructure and custody solutions.

• New Asset Onboarding: Develop and manage the security assessment framework for listing new digital assets. Perform in-depth analysis of blockchain protocols, consensus mechanisms, and on-chain attack vectors to ensure the safety of our platform and users.

• Incident Response: Develop and lead the incident response process for all digital asset security events, from detection and containment to post-mortem analysis and remediation.

• Security Policy & Controls: Design, implement, and maintain comprehensive security policies, procedures, and internal controls governing digital asset management, transactions, and key management ceremonies.

• Cross-Functional Collaboration: Partner closely with Engineering, Compliance, and Operations teams to embed security-by-design principles throughout the entire digital asset lifecycle, providing expert guidance on custody and protocol security.

Preferred Skills/Experience:

• 5+ years of progressive experience in a hands-on cybersecurity role, with at least 2 years focused specifically on blockchain, digital assets, or crypto custody.

• Deep, demonstrable understanding of how different blockchains work at a protocol level, including various consensus mechanisms and transaction lifecycle models.

• Hands-on experience securing digital asset custody infrastructure, including nodes, wallets, and key management systems (KMS/HSM).

• Deep, demonstrable understanding of cryptographic principles (e.g., public/private key cryptography, hash functions, digital signatures, MPC, TSS).

• Experience leveraging AI tools and methodologies for security analysis, threat detection, and code-assisted tasks is a significant plus.

• Proficiency in at least one scripting or programming language (e.g., TypeScript, Python) for security automation and analysis.

• Excellent analytical and problem-solving skills, with the ability to think like an attacker and anticipate novel threats.

Bonus points for:

• Hands-on experience with the crypto ecosystem, such as running a personal validator/node, actively participating in DeFi protocols, or membership in a DAO.

• Experience with cloud security architecture (AWS, GCP, Azure) in a fintech or regulated environment.

• Active participation in bug bounty programs or a history of responsible disclosure.

• Relevant security certifications (e.g., OSCP, CISSP, GCIH).

Salary:

The starting pay range for this role is between USD$145,000 - USD$165,000 for all U.S. remote locations. The actual base pay will vary, and is dependent upon many factors, such as transferable skill sets, work experience, business needs, and market demands. The base pay range is subject to change.

BAM Management US Holdings Inc. and BAM Management Canada Holdings Inc. are Equal Opportunity Employers. Our mission is to give Americans access to a broad array of digital assets, and we thrive because of the diverse and inclusive team that we are building. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual preference, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance. 

We comply with Federal Transparency in Coverage regulations by providing a link to machine readable files related to the health plans offered to our employees. The machine-readable files are formatted to allow researchers, regulators, and application developers to more easily access and analyze data including negotiated service rates, and out-of-network allowed amounts between health plans and healthcare providers.