Senior Security Engineer, NYC, MIA

Crossmint

Senior Security Engineer managing operational security at Crossmint. Responsible for security operations, compliance, and engineering support in a hybrid work environment.

Posted 5/12/2026full-timeMiami • Florida, New York • 🇺🇸 United StatesSenior💰 $180,000 - $210,000 per yearWebsite

Tech Stack

Tools & technologies

AWSCloudGoogle Cloud Platform

About the role

Key responsibilities & impact

Own and operate cloud security across our cloud environments: AWS primarily, with some exposure to GCP, Vercel.
Design, maintain, and monitor engineering security controls including cloud IAM, logging, monitoring/alerting, and key management.
Secure our coding assets, including: CI/CD pipelines, GitHub Action environments, secrets management, and software supply chain.
Manage security-related access controls including privileged access, service accounts, credential rotation, and performing access reviews.
Perform secure code reviews and provide hands-on application security support to engineering teams.
Review authentication flows, payment logic, and API security with human judgment, not just automated scanners.
Partner with engineers to remediate vulnerabilities and embed security best practices into product development.
Coordinate our external security review program with our 3P security auditor firms.
Own vulnerability management workflows including prioritization, remediation tracking, and verification.
Support incident response through internal triage, investigation, and remediation in collaboration with external 24/7 response partners.
Support SOC 2 and other compliance efforts by collecting evidence, documenting controls, and maintaining audit-ready processes for engineering-security related controls.
Contribute to regulatory and compliance initiatives such as DORA, where applicable.

Requirements

What you’ll need

4-8 years of experience as a security engineer.
3+ years of hands-on experience securing AWS environments or equivalent cloud, including IAM, Security Hub, CloudTrail, GuardDuty, and KMS.
Strong understanding of CI/CD security, including GitHub Actions, secrets scanning, and dependency management.
Experience with secure code review or application security fundamentals.
Experience working with at least one compliance framework, preferably SOC 2, though ISO 27001 or similar is acceptable.
Highly organized with great attention to detail. You don’t drop balls.
Comfort operating in a fast-paced startup environment with ambiguity.
Ability to communicate security concepts clearly to non-technical stakeholders without creating friction.
Experience using AI-assisted tools such as Claude or GitHub Copilot for security automation.
Ability to work flexible hours if an incident arises.

Benefits

Comp & perks

Extensive access to leading AI tools and subscriptions, with AI actively encouraged and integrated into daily workflows.
Stock options program.
We conduct two performance reviews annually. The first addresses performance ratings, bonuses, and promotions. The second encompasses these elements along with salary adjustments reflecting inflation and market conditions.
Unlimited, flexible PTO.
Flexible work schedule.
Company laptop and allowance for any necessary home equipment.
Daily stipend for commuting to the office.
Company-paid trips for annual off-sites and onsites.
Insurance covered by Crossmint.
401(k) Plan.

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud securityAWSGCPcloud IAMCI/CD securitysecure code reviewvulnerability managementapplication securityAPI securityincident response

Soft Skills

highly organizedattention to detailcommunication skillsability to work in ambiguitycollaborationproblem-solvingflexibilityteamworkleadershiptime management

Certifications

SOC 2ISO 27001DORA