Head of Security, Nifty Gateway at Gemini (Chicago, IL or Remote)
Empower the Individual Through Crypto
Gemini is a crypto exchange and custodian that allows customers to buy, sell, store, and earn more than 30 cryptocurrencies like bitcoin, bitcoin cash, ether, litecoin, and Zcash. Gemini is a New York trust company that is subject to the capital reserve requirements, cybersecurity requirements, and banking compliance standards set forth by the New York State Department of Financial Services and the New York Banking Law. Gemini was founded in 2014 by twin brothers Cameron and Tyler Winklevoss to empower the individual through crypto.
Crypto is about giving you greater choice, independence, and opportunity. We are here to help you on your journey. We build crypto products that are simple, elegant, and secure. Whether you are an individual or an institution, we want to help you buy, sell, and store your bitcoin and cryptocurrency. Crypto is not just a technology, it's a movement.
At Gemini, our mission is to empower the individual and that includes giving our employees flexibility of choice — our Office Optional Policy allows employees to choose to work from one of our physical locations or from home.
Select roles that are location-specific will still be eligible for flexible schedules.
The Department: Nifty Gateway - Technology
Nifty Gateway was founded with a very simple mission: to make NFTs accessible to everyone. The Nifty Gateway Marketplace is a blockchain-based platform to access some of today’s most sought after fine art and collectibles, from artists like Cey Adams, Grimes, and Trevor Jones to popular crypto-game collectibles like CryptoKitties. With Nifty Gateway, users can purchase NFTs directly with fiat currency using their credit card, like a normal online purchase, making NFTs accessible to anyone.
Part of what makes Nifty Gateway so intriguing is the fear of missing out that is created by the “drop” model the company uses to release new works. Similar to how limited-edition sneakers are released, for which fans wait in long lines for hours in hopes of snagging a pair of shoes, Nifty Gateway’s drops make the online auctions more of an event with the added time pressure element.
Nifty Gateway was founded in 2018 by twins Duncan and Griffin Cock Foster, and acquired by Gemini in 2019. It operates as a “startup within a startup”, with its own consumer brand, its own tech stack, and its own development team, but also lots of shared resources from Gemini, including using Gemini’s secure, institutional-grade crypto infrastructure.
The Role: Head of Security
As with many high-growth startups, Nifty Gateway faces a wide range of security challenges, including application security, cloud security, security operations, anti-fraud and anti-bot protections, incident response, data governance, and blockchain/crypto security. Gemini has a mature Security department, and they’ve been working with Nifty Gateway for the last few years to ensure it remains a secure platform – but that’s mostly just keeping everything humming.
We’re seeking a Head of Security to take ownership of the Security landscape for Nifty Gateway: doing some hands-on appsec work to get acquainted, coming up with a comprehensive security strategy, hiring up a small team where there’s specific expertise required, and coordinating and collaborating with the rest of the Gemini security team to fill in the gaps.
This role will report to the Gemini CSO, and will work closely with the Nifty Gateway tech team, and with the rest of the Gemini security team.
- Lead Nifty Gateway’s information security strategy, including product security, threat detection and response, and governance risk and compliance.
- Develop and enhance existing processes and technologies required to support engineers across the SDL, including design reviews, threat modeling, and code audits.
- Partner with engineering and infrastructure teams to design and build secure, scalable, and reliable services in AWS.
- Mature a growing detection and response program to ensure timely detection and mitigation of attacks against applications, infrastructure, the platform, and our customers.
- Strong written and verbal communication skills; attentive to details
- Strong understanding of web application security and AWS
- Able to troubleshoot and debug issues, and demonstrate a methodical approach to root cause analysis
- Familiarity with configuration management tools
It Pays to Work Here
We take a holistic approach to compensation at Gemini, which includes:
- Competitive Compensation and Profit-Sharing Equity
- Flexible vacation policy
- Retirement Plan Matching
- Generous Parental leave
- Comprehensive health plans
- Training and professional development
At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace and affirmative action employer. If you have a specific need that requires accommodation, please let a member of the People Team know.