Staff Security Lead, Red Team
FalconX
Who are we?
FalconX is the most advanced digital asset platform for institutions. We provide trade execution, credit & treasury management, prime offering and market making services. Given our global operations, industry-leading technology and deep liquidity, we have facilitated client transactions of $1 trillion in volume. Our products & services are regulated, compliant and trusted.
We are a team of engineers, product builders, institutional sales and trading leaders, operations experts, and business strategists. Our teammates have entrepreneurial experience and come from companies such as Google, Apple, Paypal, Citadel, Bridgewater, and Goldman Sachs. And, we embody our values: Think big; Drive bold outcomes; Be one team; Iterate with speed; and be an entrepreneur.
We prioritize learning. Outcomes are mission-critical, but we also believe that learning in success and in failure will drive our continued success. Our industry is emergent - there’s no shortage of experiments to get involved with and to continue growing and learning together.
As a Staff Security Lead for Red Teaming at FalconX, you will be crucial in enhancing our cybersecurity posture by leading sophisticated red team operations. Your expertise will drive the development and execution of strategic attack simulations designed to test and strengthen our defenses.
Responsibilities:
- Red Team Operations:
- Plan, design, and conduct red team exercises that mimic real-world attacks to identify vulnerabilities and test the effectiveness of our security measures.
- Develop custom tools and techniques to simulate adversarial threats.
- Collaborate with blue teams to review and improve incident response and recovery procedures based on red team findings.
- Strategy and Planning:
- Develop strategic plans for the red team that align with organizational cybersecurity goals.
- Stay abreast of the latest cybersecurity threats and leverage emerging technologies and methodologies to enhance red team capabilities.
- Evaluate the security landscape and recommend improvements to existing security policies, procedures, and technologies.
- Team Leadership and Development:
- Recruit, train, and mentor red team members to ensure the team remains at the forefront of cybersecurity practices.
- Foster a culture of continuous learning and improvement within the team.
- Manage team performance and provide leadership in setting and achieving goals.
- Stakeholder Engagement:
- Communicate red team results and insights to stakeholders across the organization, including technical and non-technical audiences.
- Work closely with other security leaders to integrate red team findings into overall security strategies.
- Act as a thought leader in security, providing guidance and advocacy on best practices and strategies to mitigate risks.
- Reporting and Documentation:
- Ensure detailed documentation of red team activities and findings to support continuous improvement.
- Prepare and present detailed reports on the outcomes of red team exercises to senior management.
- Maintain records of attack methodologies and defense mechanisms tested for future reference and regulatory compliance.
Qualifications:
- Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.
- 8+ years of experience in information security with a focus on red teaming, penetration testing, and ethical hacking.
- Have strong research and development capabilities for understanding the different real-world attack scenarios.
- Require technical skills to design and build tools for staging the attack scenarios.
- Strong understanding of network protocols, encryption techniques, and secure coding practices.
- Familiarity with compliance frameworks and regulatory requirements such as ISO 27001, GDPR, and SOC 2.
- Excellent interpersonal and communication skills.
Base pay for this role is expected to be between $193,000 - $253,500 USD. This expected base pay range is based on information at the time this post was generated. This role will also be eligible for other forms of compensation such as a performance linked bonus, equity, and a competitive benefits package. Actual compensation for a successful candidate will be determined based on a number of factors such as skillset, experience, and qualifications.
Notice at Collection and Privacy Policy
Applicants located in California and/or applying to a role based in California, please refer to our Notice at Collection and Privacy Policy here.
Inclusivity Statement
FalconX is committed to building a diverse, inclusive, equitable, and safe workspace for all people. Our roles are intended for people from all walks of life. We encourage all those interested in applying to our organization to submit an application regardless if you are missing some of the listed background requirements, skills, or experiences!
As part of our commitment to inclusivity, FalconX would like to acknowledge that the EEOC survey has limited potential responses that you can select. For legal reasons, FalconX must use this language to align with federal requirements, however, we want to ensure that you are able to provide a response to our own voluntary survey questions about your identity that best aligns with your most true self.
FalconX is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, national origin, ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, or any other legally-recognized protected basis under federal, state, or local law.
Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on FalconX. Please inform FalconX’s People team at recruiting@falconx.io, if you need assistance with participating in the application process.