Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Crossmint

Head of Security

Crossmint

Head of Security building and owning Crossmint's security function. Leading security strategies and compliance for fintech and crypto infrastructure.

Posted 6/12/2026full-timeNew York City • Florida, New York • 🇺🇸 United StatesLead💰 $210,000 - $250,000 per yearWebsite

Tech Stack

Tools & technologies
AWSCloud

About the role

Key responsibilities & impact
  • Define and own Crossmint's security strategy, including roadmap prioritization, risk posture, and security investment decisions.
  • Operate fluidly across scope levels: board-level risk briefings one hour, hands-on threat model review the next.
  • Establish and maintain a security program that scales with the company, not one that creates drag on product velocity.
  • Report to co-founders on security posture, risk landscape, and program progress.
  • Maintain deep technical fluency across cloud security (AWS primary), application security, CI/CD security, and endpoint and corporate IT.
  • Review architecture decisions, new product features, and infrastructure changes for security implications before they ship.
  • Conduct or lead threat modeling exercises across product and infrastructure domains.
  • Step in as a hands-on practitioner during incidents, complex vulnerability analysis, or high-stakes security reviews where direct expertise is required.
  • Own security's relationship with auditors, regulators, and compliance frameworks including SOC 2 Type II, DORA, and MiCA-related security requirements.
  • Lead audit preparation cycles: scope definition, evidence readiness, control documentation, and auditor-facing communication.
  • Maintain audit-ready posture year-round, not as a sprint before each audit window.
  • Partner with the Compliance function to ensure security controls satisfy both regulatory requirements and practical risk management objectives.
  • Manage and develop the Senior DevSecOps Engineer, with the expectation of growing the security team over time.
  • Serve as the internal authority on security for Engineering, Product, Compliance, Legal, and People Ops.
  • Drive security awareness and culture across the company without creating friction that slows down product teams.

Requirements

What you’ll need
  • 8+ years in security, with at least 3 years in a security leadership or program ownership role.
  • Deep technical fluency in cloud security, application security, and CI/CD security. This is not a policy-only role.
  • Demonstrated experience owning a security compliance program end-to-end through at least one major audit cycle: SOC 2 Type II strongly preferred.
  • Software engineering degree or software engineering experience that makes up for it.
  • Deep familiarity with the latest AI / agentic tools.
  • Prior experience in fintech, payments, or similarly regulated industries, where concepts like treasury management aren't foreign and security failures carry direct consequences for licensing, customer trust, and business continuity.
  • Strong written and verbal communication skills, including the ability to brief executive and board-level stakeholders on risk without unnecessary jargon.
  • Experience managing or mentoring security engineers.
  • Ability to work flexible hours if an incident arises.

Benefits

Comp & perks
  • Extensive access to leading AI tools and subscriptions, with AI actively encouraged and integrated into daily workflows.
  • We conduct two performance reviews annually. The first addresses performance ratings, bonuses, and promotions. The second encompasses these elements along with salary adjustments reflecting inflation and market conditions.
  • Stock options are part of every full-time offer. We want everyone here to be a genuine stakeholder in what we're building.
  • Unlimited, flexible PTO.
  • Parental Leave program.
  • Flexible work schedule.
  • Company laptop and allowance for any necessary home equipment.
  • Daily stipend for commuting to the office and/or meals.
  • Three company-paid off-sites per year.
  • Health, dental, vision, life, short-term disability (STD), and long-term disability (LTD) insurances.
  • 401(k) Plan.

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cloud securityapplication securityCI/CD securitythreat modelingvulnerability analysissecurity complianceaudit preparationsecurity program managementrisk managementsecurity strategy
Soft Skills
communication skillsleadershipmentoringcollaborationproblem-solvingflexibilitystakeholder engagementsecurity awarenessorganizational skillsstrategic thinking