Ripple

Staff Product Security Engineer

London, UK
Java R C++
Search for More Jobs Talk to a recruiter now 💪
This job is closed! Check out or
Description

At Ripple, we’re building a world where value moves like information does today. It’s big, it’s bold, and we’re already doing it. Through our crypto solutions for financial institutions, businesses, governments and developers, we are improving the global financial system and creating greater economic fairness and opportunity for more people, in more places around the world. And we get to do the best work of our career and grow our skills surrounded by colleagues who have our backs. 

If you’re ready to see your impact and unlock incredible career growth opportunities, join us, and build real world value.

THE WORK:

Through our blockchain technology and rapidly growing network of financial institutions, Ripple is improving the global financial system and increasing economic inclusion for more people in more places worldwide.  Ripple is looking for passionate Information Security professionals to build an extraordinary Information Security program.  As part of the Information Security team, you will help us achieve this mission by actively working to protect our staff, company, and the larger crypto communities we engage with.  

In this role, you will be a technical InfoSec leader, ensuring the security of Ripple’s product line and mentoring other InfoSec engineers.  Product Security Engineers provide detailed threat models for all products and services and ensure the required detection and prevention controls meet the most exacting standards. The role demands proficiency in security architecture, design principles, metrics tracking, and the strategic integration of security practices throughout the Product Development Life Cycle. Additionally, familiarity with custody platforms in the blockchain ecosystem is a valuable asset. This position will report to our Director of Product Security and regularly collaborate with the technical leaders across our InfoSec, engineering, XRPL, and BizOps teams.   

WHAT YOU’LL DO:

  • Be a security advocate and subject matter expert within the organization and be able to communicate security risks and concepts to both technical and non-technical audiences
  • Spearhead the development and implementation of threat modeling to identify and assess potential security threats on complex applications, involving multitude of components, dependencies, and functionalities. 
  • Lead initiatives with engineering teams to optimize threat models and mitigate risks.
  • Relentlessly champion security outcomes on behalf of our customers
  • Work with other engineering leaders to embed security into day-to-day development processes
  • Help proactively assess security risk through product deep dives, threat modeling, design, architecture, and implementation reviews.
  • Review and enhance existing security processes related to product assessments, pen testing, and bug bounty findings.
  • Conduct targeted security training sessions for development teams, fostering awareness of security concerns and cultivating a security-conscious culture. 
  • Designing innovative solutions for product security challenges at the organization’s scale.
  • Develop and implement metrics tracking mechanisms to measure the effectiveness of security measures, providing actionable insights for continuous improvement. 
  • Collaborate closely with engineering and architecture teams to design and implement resilient security architectures for blockchain, offering guidance on secure coding practices and design principles unique to distributed ledger technologies. 
  • Seek opportunities for security tooling and automation.

WHAT YOU’LL BRING:

  • 8 years of experience hands-on experience in product security or application security
  • Experience with the application of threat modeling and other risk identification techniques
  • Profound knowledge of security architecture and secure design principles. 
  • Strong understanding of the OWASP top 10, including details of common vulnerabilities 
  • Experience with authentication and authorization standards, including OAuth and SAML, and their weaknesses.
  • Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
  • Experience with Cloud Technology, preferably Amazon Web Services. 
  • Advanced-level coding skills (C++ and Java are a plus)
  • Showcase a profound understanding of cryptographic principles and implement robust cryptographic protocols within blockchain architectures to safeguard sensitive information and digital assets effectively. 
  • Results-oriented, values collaboration, self-motivation.
  • Someone willing to adapt to change in a fast-moving environment
  • Inclusive leadership and teamwork skills, especially in global cross-functional and remote teams. 
  • Results-oriented, values collaboration, self-motivated
  • Above all, a team player who can handle challenging situations, a rapidly maturing security culture, and an eagerness to mentor less experienced engineers
  • Any relevant certifications, e.g., CSSLP, CISSP, AWS-SAA

WHO WE ARE:

Do Your Best Work

  • The opportunity to build in a fast-paced start-up environment with experienced industry leaders
  • A learning environment where you can dive deep into the latest technologies and make an impact.  A professional development budget to support other modes of learning.
  • Thrive in an environment where no matter what race, ethnicity, gender, origin, or culture they identify with, every employee is a respected, valued, and empowered part of the team.
  • Ripple is Flexible First: in-office collaboration for moments that matter is important to our culture, and we give managers and teams the flexibility to decide which days they come in.
  • Weekly all-company meeting - business updates and ask me anything style discussion with our Leadership Team
  • We come together for moments that matter which include team offsites, team bonding activities, happy hours and more!

Take Control of Your Finances

  • Competitive salary, bonuses, and equity
  • Competitive benefits that cover physical and mental healthcare, retirement, family forming, and family support
  • Employee giving match
  • Mobile phone stipend

Take Care of Yourself

  • Twice a quarter R&R days so you can rest and recharge
  • Generous wellness reimbursement and weekly onsite & virtual programming
  • Generous vacation policy - work with your manager to take time off when you need it
  • Industry-leading parental leave policies. Family planning benefits.
  • Catered lunches, fully-stocked kitchens with premium snacks/beverages, and plenty of fun events

Benefits listed above are for full-time employees. 


Ripple is an Equal Opportunity Employer. We’re committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance.
 

There are more than 50,000 engineering jobs:

Subscribe to membership and unlock all jobs

Engineering Jobs

60,000+ jobs from 4,500+ well-funded companies

Updated Daily

New jobs are added every day as companies post them

Refined Search

Use filters like skill, location, etc to narrow results

Become a member

🥳🥳🥳 320 happy customers and counting...

Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.

Cancel anytime / Money-back guarantee

Wall of love from fellow engineers