Software Security Engineer

<div class="content-intro"><h3>Better Money</h3> <p>Strike is the Bitcoin company. With Strike, you can buy and sell bitcoin, pay bills, and borrow against your holdings. From individuals to businesses, Strike is purpose-built for every step of the Bitcoin journey. Available in more than 100 countries — including the U.S., Europe, Latin America, and Africa — Strike is building a better financial system powered by Bitcoin. Bitcoin is better money. Strike is how you use it.</p> <h3>Role:&nbsp;</h3></div><p>We are seeking a Security Software Engineer functioning as the bridge between our security and engineering teams.</p> <p>This is a hands-on engineering role, not a penetration testing or audit position. You will write code, review production systems, and build and manage security controls in our infrastructure and applications.</p> <p>You will operate as an engineer first — applying adversarial thinking to real systems, services, and developer workflows — ensuring security is built into how we ship, not reviewed after the fact.</p> <p>Security is not a final checkpoint but a foundational part of how we build. The role reports into the Strike CISO.</p> <p><strong><em>This position is open to candidates based in the US or Europe.</em></strong></p> <h3><strong>Key Responsibilities</strong></h3> <ul> <li>Embedded Engineering &amp; Collaboration: Function as part of the engineering team by participating in RFCs, PRDs, code reviews, and project planning. Contribute directly to system design with a focus on secure architecture and implementation.</li> <li>Secure System Design &amp; Threat Modeling: Apply adversarial thinking to design and review systems with security implications (e.g., identity systems, authentication flows, APIs), ensuring security is built into implementations from the start.</li> <li>Vulnerability Remediation (Code-Level): Take ownership of vulnerabilities in application code — triaging, fixing, and partnering with engineers to remediate issues in production systems.</li> <li>Infrastructure &amp; Security Tooling: Own and build security controls such as Cloudflare configurations and WAF rules. Integrate security tooling into CI/CD pipelines and developer workflows to enable secure-by-default engineering.</li> <li>Detection &amp; Response Engineering (SIEM): Design and implement alerting rules, detection logic, and incident response workflows within our SIEM, treating detection as an engineering problem.</li> <li>Security Capability Building: Define ownership and build scalable security capabilities across teams. Enable engineers to take on security responsibilities rather than centralizing all security work.</li> </ul> <h3><strong>Required Qualifications &amp; Experience</strong></h3> <ul> <li>Strong Engineering Background: Proven experience as a software engineer building and shipping production systems (backend, infrastructure, or platform preferred). Ability to write production-quality code, not just scripts.</li> <li>Cloud &amp; Infrastructure Experience: Experience designing, deploying, and operating systems in Google Cloud Platform (GCP) and Kubernetes environments.</li> <li>Code Review &amp; System Understanding: Ability to deeply understand production codebases, perform high-quality code reviews, and assess real-world exploitability of issues.</li> <li>Security Engineering Mindset: Ability to reason about threats and security tradeoffs in real systems, not just identify vulnerabilities. Strong understanding of how systems fail and how they can be abused.</li> <li>Technical Proficiencies - Hands-on experience with:</li> <ul> <li>SIEM systems (building detections and workflows)</li> <li>Terraform or infrastructure-as-code</li> <li>Firewall / Web Application Firewall (WAF) configuration</li> </ul> </ul> <h3><strong>What this role is NOT</strong></h3> <ul> <li>This is not a penetration testing or red team role</li> <li>This is not focused on running scanners or producing reports</li> <li>This is a hands-on engineering role working directly in codebases and systems</li> </ul> <h3><strong>US-Based Positions</strong></h3> <ul> <li>Salary range: $195,000 - $210,000</li> <li>Equity in a high-growth startup</li> <li>Health, dental, and vision insurance premium contributions; short &amp; long-term disability insurance and basic life insurance</li> <li>Cell phone and internet reimbursement</li> <li>Flexible PTO, sick leave &amp; parental leave</li> <li>Access to a company 401k plan</li> </ul> <h3><strong>Non US-Based Positions</strong></h3> <ul> <li>Location dependent</li> </ul> <p>We do not make hiring decisions based on educational history whatsoever. Our Founder is a college dropout. We employ high school dropouts, PHD candidates and everything in-between. We do not hire credentials. We simply hire talented, passionate individuals who are excited to be a part of our team.</p> <p>By clicking submit application below, you consent to our use and processing of your data as described in our <a href="https://resources.zaphq.io/docs/strike-candidate-privacy-notice.pdf">Candidate Privacy Notice</a>.</p>