Senior/Staff Security Engineer - Secure the Future of Crypto with Phantom
Phantom is revolutionizing how millions interact with the crypto ecosystem. Our self-custodial wallet provides a seamless, unified experience across Solana, Bitcoin, Ethereum, and Polygon, empowering users with a single, convenient solution. We're not just building a wallet; we're building the future of decentralized finance. With over 15 million MAUs, top rankings in the Google Play Store, and recognition alongside giants like X, PayPal, and Coinbase, we're making waves in the industry.
Join us as our first dedicated Senior/Staff Security Engineer focused on corporate infrastructure security! You'll work directly with the Head of Security, taking ownership and scaling the security of Phantom's internal environment from the ground up. This is a high-impact, foundational role where you'll have the opportunity to shape our security posture and protect a rapidly growing company.
You'll be the shield for our distributed workforce, the guardian of our corporate systems, and the enabler of our team's agility. This role sits at the critical intersection of security engineering, IT operations, and risk management, allowing you to build security controls that are both robust and user-friendly. Are you ready to build the next generation of secure corporate infrastructure for a leading crypto wallet?
What You'll Do
Build & Secure Corporate Infrastructure
Design, implement, and manage security for all corporate endpoints across our fully distributed workforce.
Deploy and operate our security stack, including MDM, EDR/XDR, ZTNA, and SSO.
Implement zero-trust architecture principles, including device trust, conditional access, and least-privilege controls.
Enforce security baselines, hardening standards, and compliance policies across all corporate systems.
Build and maintain secure authentication systems and identity management workflows.
Drive Security Initiatives & Risk Reduction
Lead security initiatives for endpoint hardening, access controls, and corporate infrastructure protection.
Conduct security design reviews and risk assessments for new services, tools, and integrations.
Perform vulnerability assessments and drive remediation efforts across corporate systems.
Partner with IT and cross-functional teams to balance security requirements with business velocity.
Develop and enforce IT security policies, standards, and procedures aligned with industry best practices.
Detection, Response & Automation
Respond to security incidents and events impacting corporate systems with urgency and technical depth.
Collaborate with the Detection & Response team to build detection rules, alerts, and monitoring for corporate infrastructure threats.
Automate security workflows using Python, Go, or similar languages to reduce manual toil.
Create runbooks and playbooks for common security scenarios.
Leverage security tooling and automation to scale security operations efficiently.
Security Culture & Education
Evangelize security best practices through education, training, and internal communications.
Build security awareness programs that empower employees to make secure decisions.
Partner with engineering teams to embed "secure by default" principles into development workflows.
Serve as a trusted security advisor across the organization.
What We're Looking For
Must-Have
5+ years of experience in corporate/enterprise security, IT security, or endpoint security engineering.
Deep hands-on expertise with:
MDM platforms: JAMF, Kandji, Intune, or similar for macOS/iOS fleet management.
EDR/XDR solutions: CrowdStrike, SentinelOne, Microsoft Defender, or similar.
Identity & Access Management: Okta, Azure AD/Entra ID, or similar SSO/IAM platforms.
Authentication protocols: SAML, OAuth, OIDC, SCIM.
Zero Trust architecture: Device trust, conditional access, identity verification, and least-privilege access models.
Strong scripting/automation skills: Python, Go, Bash for security automation and tooling.
Cloud security knowledge: Hands-on experience with AWS, GCP, or Azure.
macOS security expertise: Deep understanding of macOS security architecture, hardening, and management.
Proven ability to independently manage projects, navigate ambiguity, and drive initiatives to completion.
Collaboration skills: Ability to work cross-functionally, influence without authority, and translate security requirements for non-technical stakeholders.
Security-first mindset with practical knowledge of zero-trust principles, defense-in-depth, and risk-based security.
Nice-to-Have
Crypto/Web3 or fintech experience: Prior work at crypto exchanges, wallets, DeFi protocols, or fintech startups.
Detection engineering background: Experience with SIEM, log analysis, threat hunting, or SOC operations.
Modern threat landscape knowledge: Understanding of adversary tactics, techniques, and procedures (TTPs) including social engineering, phishing, and insider threats.
Security compliance experience: Familiarity with SOC 2, ISO 27001, or similar frameworks.
BYOD security models: Experience securing contractor and vendor access in distributed environments.
What Makes You Successful Here
Ownership mentality: You don't wait to be told what to do. You identify problems, propose solutions, and execute with autonomy.
Extreme urgency: Crypto moves fast. You thrive in high-velocity environments and can ship quickly without sacrificing quality.
Builder's mindset: You see security as an enabler, not a blocker. You build elegant solutions that protect without creating friction.
Technical depth: You can dive deep into complex problems, debug issues across the stack, and architect scalable solutions.
Pragmatic security: You balance security best practices with business needs and user experience. Perfect security doesn't exist—effective security does.
Growth mindset: You embrace new technologies (including AI), stay current with evolving threats, and constantly expand your skill set.
Strong communication: You can explain security concepts to engineers and executives alike, and you document your work clearly.
Why Work with Us
Opportunity
We're a team of experienced builders passionate about making crypto accessible to everyone. Our commitment to a secure and seamless user experience has made us the leading wallet on Solana, and our multi-chain approach positions us for continued growth and innovation. There has never been a better time to work in crypto to help shape the future with a focus around the wallet experience!
First impressions matter: Wallets are responsible for a user's first impression with crypto, onboarding new users into the ecosystem.
Make crypto easier to navigate: Help users discover and navigate all that crypto has to offer, beyond just onboarding.
We live in a multi-chain world: We currently support Solana, Ethereum, Polygon, and Bitcoin, with more networks on the horizon, to create a unified crypto experience.
Benefits
Competitive salary and equity
Comprehensive insurance (medical/dental/vision) — 100% covered
Stipend for your ideal remote set-up
Flexible hours and a supportive remote environment
Unlimited vacation: Take time when you need it (and we really mean it!)
401(k) retirement plan
Monthly wellness benefit
Weekly meal benefit
Global off-sites
We strongly encourage candidates of all backgrounds to apply. We're committed to building an inclusive, supportive place for you to do the best work of your career.
The target base salary for this role will range between $225,000 to $285,000 with the addition of equity and benefits. This is determined by a few factors including your skillset, prior relevant experience, quality of interviews and market factors (such as location) at the point in time of offer.