Stellar Development Foundation

Director – Ecosystem Product Security

Stellar Development Foundation

full-time

Posted on:

Location Type: Hybrid

Location: New York CityNew YorkUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $225,000 - $335,000 per year

Job Level

Lead

About the role

  • Define and lead the Foundation’s security strategy across both the Stellar ecosystem and Foundation-owned systems
  • Raise the practical security baseline for key ecosystem participants, including wallets, infrastructure providers, custodians, issuers, and validators
  • Publish actionable guidance, reference patterns, and security expectations that drive real adoption across the ecosystem
  • Build coordination mechanisms for shared risks, incident response, and cross-ecosystem security improvement
  • Own security outcomes for Foundation-developed software, Foundation-operated infrastructure, and treasury / custody-related responsibilities
  • Partner with Engineering, Finance, Legal, IT, and Corporate Security to drive implementation of security controls and secure operating practices
  • Lead secure development efforts across architecture, threat modeling, vulnerability management, bug bounty programs, and product incident response
  • Build and lead a high-performing security team, while translating strategy into execution plans and measurable outcomes
  • Represent the Foundation externally as a credible technical leader and convener on ecosystem security

Requirements

  • 10+ years of experience in security, including significant experience in senior leadership roles
  • 5+ years leading security programs, teams, or functions with meaningful scope
  • A track record of owning security outcomes for complex, high-consequence systems in production
  • Deep experience in product and application security, with hands-on judgment in real-world environments
  • Strong familiarity with blockchain and decentralized system security
  • The ability to assess and prioritize risk across areas such as protocol design, smart contracts, wallets, validators, dependencies, and governance mechanisms
  • Experience driving security improvements across multiple teams, organizations, or ecosystem participants, including in environments where you do not have direct authority
  • Strong incident judgment, including experience handling high-severity incidents and disclosure processes
  • A pragmatic approach to security, with the ability to make tradeoffs that reduce real-world risk rather than optimize for theoretical completeness
  • Experience building, leading, and developing high-performing security teams
  • The ability to set strategy, translate it into execution, and deliver measurable outcomes
  • Clear communication skills and the credibility to work effectively with engineers, executives, and external ecosystem participants
  • Experience operating in environments where security failures could lead to financial loss, operational disruption, or loss of trust.
Benefits
  • Competitive health, dental & vision coverage with most plans covered at 100% for the employee + any dependents
  • Flexible time off + 15 company holidays including a company-wide holiday break
  • Up to 12 weeks of paid parental leave for both non-birthing and birthing parents, as well as up to 14 weeks of paid pregnancy leave for birthing parents
  • Gym reimbursement ($80 per month)
  • Life & ADD (up to $50K)
  • Short & Long term disability
  • 401K with 4% match
  • Health & Dependent Care FSA Accounts
  • Commuter benefits with $250/month employer contribution
  • Health Savings Account (HSA) with monthly employer contribution
  • Family building benefits through Kindbody
  • Wellbeing benefits (One Medical, Rightway, Headspace)
  • L&D budget of $1,500/year
  • Daily lunch and snacks in office
  • Company retreats
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
security strategyincident responsethreat modelingvulnerability managementbug bounty programsproduct securityapplication securityrisk assessmentprotocol designsmart contracts
Soft Skills
leadershipcommunicationstrategic planningteam buildingpragmatic approachincident judgmentcollaborationcredibilityexecutionprioritization