Gemini · 2 weeks ago
Staff Application Security Engineer
Gemini is a global crypto and Web3 platform offering a wide range of crypto products and services. The Staff Application Security Engineer will be responsible for protecting the company and customers against application security threats, leading secure design reviews, threat modeling, and providing security recommendations throughout the software development lifecycle.
Cryptocurrency, Finance, Financial Services, FinTech, Web3
Responsibilities
Own and evolve the Gemini Secure Software Development Lifecycle guardrails as an application security subject matter expert
Lead architecture reviews, threat modeling, code reviews, and penetration testing for high-risk applications and services
Research, build and drive adoption of high-signal application security automation and secure-by-default frameworks
Create and deliver hands-on application security training to enable engineers at scale
Participate in the Application Security on-call rotation and lead post-incident hardening
Qualifications
Required
Proven ability to perform design reviews, threat modeling, secure code reviews, and penetration testing with an attacker mindset
Strong background in application security best practices and familiarity with common vulnerabilities (e.g. SSRF, race conditions, privilege escalations, etc.)
Deep code review proficiency in Scala/JVM (preferred) or other languages, and at least one of Python/Go/etc. for building; able to review production services in other languages
Experience implementing custom detection and prevention application security controls to eliminate application security issues beyond OWASP Top 10
Familiarity with and ability to understand business objectives, business context, and security risk
Strong cross-functional communication and collaboration (Security, Engineering, and Product)
Typically 7-10+ years of experience or equivalent impact in application security, product security, or similar roles
Preferred
Experience implementing supply chain security controls (SCA, SLSA, signing, etc.)
Prior experience in cryptocurrency firms or highly regulated environments (PCI DSS, SOX, SOC2, ISO 27001)
Open-source impact such as conference talks, blogs/papers, tooling, or libraries
Benefits
A discretionary annual bonus
Long-term incentive in the form of a new hire equity grant
Comprehensive health plans
401K with company matching
Paid Parental Leave
Flexible time off
Company
Gemini
Gemini is a licensed digital asset exchange and custodian built for both individuals and institutions.
H1B Sponsorship
Gemini has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (2)
2024 (1)
Funding
Current Stage: Public Company
Total Funding: $499.9M
Key Investors: Ripple, Draper Dragon, Morgan Creek Digital
2025-09-12: IPO
2025-07-10: Debt Financing · $75M
2022-06-20: Secondary Market · $1M
Company data provided by crunchbase