Staff Software Engineer - Security

at Bitso
  • Remote - Central America

Remote

Software Development

Mid-level

Job description

Working At Bitso

We are a diverse team that takes pride in understanding the perspectives of others. We fully embrace working remotely and we are eager to act, improve and accelerate progress inside and outside of our organization.

To drive revolutionary changes in society and make crypto useful, we delight our customers with world-class products, deep care, and intentional empathy.

Your Purpose

As a Staff Software Engineer you will take ownership of critical technical decisions, collaborating with the team to implement enhancements and ensure the highest quality in our systems. You will play a pivotal role in defining and delivering cutting-edge technical solutions, guiding and mentoring other engineers, and setting the technical direction and architecture of our applications.

Your deep understanding on cyber security makes not only your team stronger but the whole Bitso.

Reports To

Engineering Manager

Who You Are

  • Passionate about cryptocurrency.
  • Possesses a high degree of responsibility, organization, and discipline.
  • Exhibits exceptional attention to detail.
  • Demonstrates 5+ years of staff software engineering experience, including leadership experience, including managing and mentoring technical and product-oriented teams.
  • Displays exceptional oral and written communication skills, and can convey complex security concepts to diverse audiences, including technical and non-technical stakeholders.
  • Possesses excellent time and project management skills, with a proven ability to lead complex security initiatives and deliver results within set deadlines.
  • You’ve got large experience working with Java 8+
  • Strong hands-on experience developing high scalable system designs and building proposed solutions with teams;
  • Strong understanding and experience working with distributed systems;
  • Strong hands-on experience implementing multi-factor authentication (MFA) solutions, including biometrics, one-time passwords (OTP), WebAuthn, FIDO2, and risk-based authentication.
  • Strong hands-on experience with secure coding principles and best practices, such as those outlined in the OWASP Top 10 and SANS CWE Top 25.
  • Strong hands-on experience with API security best practices, including OWASP API Security Top 10, secure authentication (e.g., JWT), rate limiting, input validation, etc.
  • In-depth knowledge of authentication and authorization mechanisms, including OAuth 2.0, OpenID Connect, SAML, and RBAC/ABAC models.
  • Strong understanding of encryption standards, hashing algorithms and key management best practices for securing sensitive data.
  • Proficiency in threat modeling methodologies (e.g., STRIDE, DREAD, PASTA) to systematically identify, analyze, and mitigate potential attack vectors.
  • Experience working with application security testing tools, including SAST, DAST, and SCA tools to proactively detect and remediate vulnerabilities.
  • Familiarity with SIEMs, logging, and monitoring tools (e.g., Splunk, ELK).
  • Familiarity with offensive security methods such as red teaming, penetration testing and vulnerability assessments.
  • Experience with observability and monitoring tools (e.g., Splunk, Datadog).
  • Experience working with Git and automated CI/CD tools.
  • Available to work full-time.
  • Proficient in English.

Nice to Have

The following qualifications are not mandatory but would be valuable:

  • You know your way around Kubernetes, GRPC, and REST
  • You’ve got knowledge or experience in the finance industry
  • SSDLC related certifications (e.g. OSWE, CSSLP, GWEB, CASP).
  • Familiarity with laws governing the privacy and security of personal data (e.g., GDPR, CCPA).

What You Will Do

  • Architect Security Solutions: Design and implement scalable and security, high-impact improvements to our product that support rapid growth and high visibility.
  • Deliver High-Performance Code: Produce efficient, high-performance code that scales to meet the demands of hundreds of thousands of daily users.
  • Stay Hands-On: Maintain active involvement in coding, participating fully in the development process from start to finish.
  • Conduct Quality Code Reviews: Perform thorough and respectful code reviews, maintaining the highest quality standards across the team.
  • Champion Cyber Security Engineering Excellence: Advocate for best practices in engineering, cyber security by promoting efficiency, continuous improvement, innovation and security robustness.
  • Foster Knowledge Sharing: Engage with the Bitso engineering community, contributing to knowledge sharing, innovation, and effective problem-solving.
  • Cyber Security Maturity: Engage with the Bitso Cyber Security needs and evolutions while guiding the team and departments to deliver software with high standards of quality, security and reliability.

Your Team

You work with a team full of engineers that vary in seniority from medium to principal levels. You will have the opportunity to build the most secure parts of the systems in a very exciting and challenging environment.

Who We Are

With over 9 million users, Bitso is the leading cryptocurrency platform in Latin America. We are developing the cryptocurrency ecosystem in the region and enabling financial inclusion. We believe crypto is the future of finance, and we’re committed to making it useful by providing equal access to safe and intuitive financial products.

When we hire people for our team, we specifically test for the following traits in addition to our cultural values:

  • Mission-Driven: We seek individuals who are passionate about crypto and Bitso’s mission and resilient in facing industry challenges

  • High Sense of Urgency: We prioritize candidates who demonstrate a high sense of urgency and responsibility.

  • Exceptional Hard Skills: We seek individuals who possess exceptional skills in their respective fields, with no room for mediocrity.

  • Self-Management: We look for individuals who can independently manage their work, career, and professional development.

Compensation & Benefits

At Bitso, you are taking the front seat on the edge of crypto innovation, creating the next generation of crypto-powered products.

So for those willing to commit, adapt and pioneer the most important change of the century we offer:

  • Me Time program, including unlimited paid time off.
  • Remote-first work environment.
  • Employee Stock Option program.
  • Zero trading fees through our Bitso Alpha app.
  • Extended Family Leave Policy: all birthing parents, non-birthing parents and adopting parents are eligible for a 4-months leave.
  • Premium health, dental and life insurances in Mexico, Gibraltar, Colombia, USA, Brazil and Argentina.
  • Monthly stipend for gym memberships, relaxation activities, sports equipment, cooking classes, books, entertainment and more.

Want to leave an undoubtedly legacy with us? Fasten your seatbelt and join this spaceship, where you will find exponential growth and the opportunity to thrive!

  • These are the applicable requisites, although equivalent competencies in any of the above will also be considered.
  • To see our Privacy Policy please click here.
Share this job:
Please let Bitso know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Bitso logo

Bitso

  • 501-1000 employees
  • Founded in 2014
  • 29 remote jobs

Latest Jobs at Bitso

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply now