Exodus

Head of Product Security

Exodus

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Manual Apply

Salary

💰 $230,000 - $310,000 per year

Job Level

Lead

Tech Stack

CloudSDLC

About the role

  • Own and evolve Exodus product security strategy, embedding security into the full product lifecycle from ideation and design to deployment and maintenance.
  • Build, mentor, and scale a high-performing team that blends technical expertise with strong developer and business empathy.
  • Partner with engineering, product, and design to integrate secure development safe UX/UI practices into product development without slowing delivery.
  • Drive strategic initiatives for secure SDLC, security tooling adoption, developer enablement, and measurable risk reduction.
  • Work with cross-functional partners, including Legal and Compliance, to ensure product designs and processes meet industry and regulatory requirements, enabling Exodus to operate securely and compliantly in all markets.
  • Lead product security incident response and manage Exodus’s vulnerability disclosure and bug bounty programs, acting as the technical authority to contain, resolve, and learn from vulnerabilities while fostering productive engagement with the security community.
  • Play an active role in shaping product strategy to ensure security is a differentiator and enabler for business growth.

Requirements

  • 8-10+ years in software or security engineering roles, with the ability to work hands-on in code, architecture, and tooling.
  • Experience leading SDLC security programs.
  • Strong understanding of software development and CI/CD environments, and how to integrate security into fast-moving product teams without creating bottlenecks.
  • Proficiency in at least one major programming language and ability to work across multiple languages and API types when needed.
  • Skilled in secure code reviews, business logic assessments, cloud security, and applying security frameworks and compliance requirements in practical ways.
  • Proven ability to influence and drive change across teams without direct authority, building trust and alignment with diverse stakeholders.
  • Proactive, adaptable, and continuously learning to stay ahead of emerging threats and technologies. A Plus
  • Experience in cryptocurrency, blockchain, and/or fintech environments.
  • Knowledge of privacy engineering principles and regulations such as GDPR, DORA.