As Lead Security Engineer, you will drive Moonbase's security strategy and execution across application security, cloud and infrastructure security, and security operations. You will work closely with engineering and product teams to enable rapid shipping while protecting user funds, sensitive data, and critical systems.
Responsibilities
- Own Moonbase's end-to-end security program: strategy, roadmap, and measurable outcomes
- Embed security into planning, design, and delivery with product and engineering leads (secure-by-default)
- Lead hands-on security engineering across AppSec, Cloud/Infra, and SecOps
- Build and run a pragmatic vulnerability management program (discovery, triage, remediation SLAs, verification)
- Perform risk assessments for new services, architecture changes, and third-party integrations
- Lead audits with third-party firms, including evidence collection and remediation tracking
- Ensure compliance with security governance, regulatory requirements, and internal policies
- Define and lead AI security governance for safe LLM adoption (data handling, prompt safety, vendor integrations)
- Design controls for AI-specific threats and use automation/AI to improve detection, triage, and response efficiency
Required Qualifications
- 6+ years of cybersecurity or security engineering experience, including ownership of security outcomes in production environments
- Strong hands-on experience in at least one: app security, cloud/infra security, and incident response
- Deep understanding of modern cloud environments including IAM, networking, logging/monitoring, encryption, and secrets management
- Experience securing containerized and orchestrated workloads (Docker, Kubernetes) and CI/CD systems
- Strong knowledge of common security frameworks and controls (NIST, ISO 27001/27701, CIS) and how to apply them pragmatically
- Ability to design security controls for high-availability, high-throughput systems
- Proficiency in written and spoken English is a plus.
Nice to Have
- Experience securing crypto exchange or trading systems (wallets, custody models, transaction pipelines, market data, matching engines)
- Knowledge of blockchain technologies (Bitcoin, Ethereum, Solana, etc.) and smart contract and wallet threat models
- Experience with compliance and audits relevant to financial systems (SOC 2, ISO 27001), and vendor risk management
- Experience with modern detection stacks and cloud-native security tooling
- Experience leading security for a fast-moving startup environment
What We Offer
- Competitive salary and token/equity compensation
- Opportunity to work on cutting-edge crypto trading technology
- A small, high-caliber team where your contributions have outsized impact
- Collaborative, transparent culture that values ambition, learning, and shipping fast
- Flexible working environment
How We Work
- We value ambition and work ethic over prestige and accomplishments
- We value thoughtful dialogue over siloed decision-making
- We value acknowledging uncertainty and seeking support over unabated confidence
- We're obsessive about documenting everything, learning, and shipping as fast as possible
- We empower engineers to own the vision and make it 10x bigger
