Crossmint
Senior DevSecOps Engineer NYC MIA
NEW๐ฐ USD 160,000 - 180,000/yr
Job Description
4h ago
Miami, New York City ยท Hybrid
Senior DevSecOps Engineer (NYC / MIA)
About Crossmint
Global financial rails are undergoing a once-in-a-generation transformation. Instant settlement. Programmable. Agent-first. Crossmint is the infrastructure helping companies build for that future.** We are the leading all-in-one stablecoin and wallet infrastructure platform, enabling fintechs, enterprises, and agentic platforms to integrate stablecoin rails with speed, compliance, and scale. Crossmint provides everything enterprises need to ship smart financial rails, including smart wallets, cross-chain stablecoin orchestration, on/offramps, token checkout, and more, all through a single developer-friendly API.
Trusted by more than 40,000 clients including global leaders like MoneyGram, Western Union, and Paga to nation states like the Marshall Islands, Crossmint powers stablecoin flows that move billions from cross-border remittances, global payroll, to the world's first digital UBI program.
MiCA-authorized, PSD2-licensed, and SOC2 Type II certified, Crossmint serves 150+ countries globally across 50+ blockchains. Backed by Ribbit Capital, Franklin Templeton, NYCA, First Round, and Lightspeed Faction.
We're building the infrastructure for the era of programmable finance. Join us!
Location**
NYC or Miami. Hybrid office setting.
Type of employment
Full-time
Salary range
160,000 - 180,000 USD
Note: Final level and compensation are determined during the interview process based on experience and fit.
Seniority
4โ8 years of experience as a security engineer, with a clear security-first background.
About The Role
We are looking for a Senior DevSecOps Engineer to own the operational execution of security at Crossmint. Security is your core discipline. Cloud infrastructure and IT are the environments you secure, and you will work alongside the teams that operate them, but you are here first and foremost as a security practitioner.
You will be the hands-on owner of our day-to-day security posture: cloud environments, developer pipelines, application security, vulnerability management, and compliance operations. You will partner regularly with Engineering and IT & Infrastructure, contributing security expertise into their work rather than running their functions. This is not a generalist infrastructure role with security responsibilities bolted on.
Responsibilities
Cloud and Infrastructure Security
- Own security across our AWS environments (primary), with additional exposure to GCP and Vercel: IAM, Security Hub, CloudTrail, GuardDuty, KMS, and related controls.
- Design, maintain, and monitor security controls across cloud infrastructure: logging pipelines, alerting thresholds, key management, and privileged access workflows.
- Manage security-relevant access controls across cloud environments and internal systems, including service accounts, credential rotation, and periodic access reviews.
- Provide security input to IT & Infrastructure on network segmentation, endpoint security baselines, and cross-system access policies, without owning those systems yourself.
- Secure our CI/CD pipelines and GitHub Actions environments: secrets management, supply chain risk, and dependency vulnerability workflows.
- Perform secure code reviews and provide hands-on application security support to engineering teams.
- Review authentication flows, payment logic, and API security with human judgment, not just automated scanners.
- Partner with engineers to remediate vulnerabilities and embed security practices into the development lifecycle.
- Own vulnerability management end-to-end: identification, prioritization, remediation tracking, and verification.
- Coordinate our external security review program with third-party audit and penetration testing firms.
- Support incident response through internal triage and investigation, working alongside our external 24/7 response partners.
- Support SOC 2 and other compliance efforts by collecting evidence, documenting controls, and maintaining audit-ready processes for engineering and security-related controls.
- Contribute to DORA compliance initiatives where applicable.
- Maintain clear, auditable documentation of security processes to support audit cycles and long-term knowledge transfer.
About You
Must Haves
- 4โ8 years of experience as a security engineer, with a clear security-first background rather than a generalist infrastructure background.
- 3+ years of hands-on experience securing AWS environments: IAM, Security Hub, CloudTrail, GuardDuty, and KMS.
- Strong practical knowledge of CI/CD security: GitHub Actions, secrets scanning, and dependency management.
- Experience with secure code review or core application security concepts (OWASP, auth flows, API security).
- Experience working within at least one compliance framework, SOC 2 preferred, with ISO 27001 or similar acceptable.
- Fluent communicator across technical teams โ you can work productively with developers and IT engineers without needing to own their domains.
- Self-directed and organized. You track your own work and do not drop threads.
- Experience using AI-assisted tools such as Claude or GitHub Copilot for security automation or research.
- Ability to work flexible hours if an incident arises.
- Experience at a fintech, payments, or crypto company.
- Familiarity with DORA or MiCA compliance requirements.
- Exposure to blockchain or crypto-specific security considerations.
- Prior experience where security work regularly intersected with IT or infrastructure teams.
- Take a security issue from identification through remediation with minimal guidance.
- Prioritize based on risk and impact, not on who is asking the loudest.
- Contribute meaningfully to Engineering and IT conversations without needing to own those functions.
- Document clearly enough that an auditor or a teammate can follow the trail six months later.
- Push back when something is insecure, and offer a practical alternative.
- Know when to escalate versus handle independently.
Why Join Crossmint?
This is an opportunity to have real ownership over the operational security foundation of a company building core infrastructure for the next generation of financial systems. You will work closely with strong engineering and compliance partners, tackle meaningful security problems, and help scale a platform trusted by thousands of customers worldwide.
Compensation & Benefits
- Extensive access to leading AI tools and subscriptions, with AI actively encouraged and integrated into daily workflows.
- We conduct two performance reviews annually. The first addresses performance ratings, bonuses, and promotions. The second encompasses these elements along with salary adjustments reflecting inflation and market conditions.
- Stock options are part of every full-time offer. We want everyone here to be a genuine stakeholder in what we're building.
- Unlimited, flexible PTO.
- Parental Leave program.
- Flexible work schedule.
- Company laptop and allowance for any necessary home equipment.
- Daily stipend for commuting to the office and/or meals.
- Three company-paid off-sites per year.
- Health, dental, vision, life, short-term disability (STD), and long-term disability (LTD) insurances.
- 401(k) Plan.
Our Principles
- Results and delivery: Ship high quality work fast.
- Build for the long term: Build scalable, secure, and reliable solutions. Use AI.
- Extreme Ownership: Be an effective Directly Responsible Individual (DRI). Be proactive.
- Be a team player: Be an effective and kind colleague providing credible challenge. Be present and reliable.
Talent research indicates that women are often less inclined than men to apply for a role unless they have experience in 100% of the listed skills. However, this list is only a guide. We welcome yo