Software Security Engineer
Job description
We are seeking a Security Software Engineer functioning as the bridge between our security and engineering teams.
This is a hands-on engineering role, not a penetration testing or audit position. You will write code, review production systems, and build and manage security controls in our infrastructure and applications.
You will operate as an engineer first - applying adversarial thinking to real systems, services, and developer workflows - ensuring security is built into how we ship, not reviewed after the fact.
Security is not a final checkpoint but a foundational part of how we build. The role reports into the Strike CISO.
- Embedded Engineering & Collaboration: Function as part of the engineering team by participating in RFCs, PRDs, code reviews, and project planning. Contribute directly to system design with a focus on secure architecture and implementation.
- Secure System Design & Threat Modeling: Apply adversarial thinking to design and review systems with security implications (e.g., identity systems, authentication flows, APIs), ensuring security is built into implementations from the start.
- Vulnerability Remediation (Code-Level): Take ownership of vulnerabilities in application code - triaging, fixing, and partnering with engineers to remediate issues in production systems.
- Infrastructure & Security Tooling: Own and build security controls such as Cloudflare configurations and WAF rules. Integrate security tooling into CI/CD pipelines and developer workflows to enable secure-by-default engineering.
- Detection & Response Engineering (SIEM): Design and implement alerting rules, detection logic, and incident response workflows within our SIEM, treating detection as an engineering problem.
- Security Capability Building: Define ownership and build scalable security capabilities across teams. Enable engineers to take on security responsibilities rather than centralizing all security work.
Requirements
Do you have experience in Vulnerability management?
- Strong Engineering Background: Proven experience as a software engineer building and shipping production systems (backend, infrastructure, or platform preferred). Ability to write production-quality code, not just scripts.
- Cloud & Infrastructure Experience: Experience designing, deploying, and operating systems in Google Cloud Platform (GCP) and Kubernetes environments.
- Code Review & System Understanding: Ability to deeply understand production codebases, perform high-quality code reviews, and assess real-world exploitability of issues.
- Security Engineering Mindset: Ability to reason about threats and security tradeoffs in real systems, not just identify vulnerabilities. Strong understanding of how systems fail and how they can be abused.
- Technical Proficiencies - Hands-on experience with:
  - SIEM systems (building detections and workflows)
  - Terraform or infrastructure-as-code
  - Firewall / Web Application Firewall (WAF) configuration
Benefits & conditions
- Parental leave
- 401(k)
- Paid time off
- Vision insurance
- Dental insurance
- Life insurance
- Disability insurance
- Salary range: $195,000 - $210,000
- Equity in a high-growth startup
- Health, dental, and vision insurance premium contributions; short & long-term disability insurance and basic life insurance
- Cell phone and internet reimbursement
- Flexible PTO, sick leave & parental leave
- Access to a company 401k plan