Senior Staff Security Engineer, Ripple Treasury

Ripple Ripple · Fintech · Chicago, IL +1 · Engineering

Senior Staff Security Engineer for Ripple Treasury, focusing on application security, cloud infrastructure security, and secure software delivery. Responsibilities include threat modeling, security architecture reviews, owning the secure SDLC, driving cloud security, ensuring compliance (SOC 2, ISO 27001), vulnerability management, building a Security Champions model, influencing engineering architecture, and mentoring engineers. Requires 10+ years of experience, expertise in product and infrastructure security, cloud environments (Azure, AWS), DevSecOps, Python/Go, and cryptographic principles. FinTech/crypto background is a plus.

What you'd actually do

  1. Serve as the dedicated Security Engineering partner for Ripple Treasury BU, owning the security posture of the Treasury solution and infrastructure environment from assessment through remediation and ongoing maturity improvement.
  2. Lead threat modeling and security architecture reviews across Treasury offerings.
  3. Own the secure software development lifecycle for your product surface area, defining security guardrails, CI/CD integrations, and developer guidance that make secure by default a practical reality.
  4. Drive the cloud security architecture for Treasury across Azure and AWS, including IAM, network segmentation, encryption, zero trust controls, Kubernetes traffic policies, and DDoS and WAF strategy, ensuring full alignment with Ripple's infrastructure standards as Treasury integrates.
  5. Partner with GRC to ensure Treasury meets its compliance obligations across SOC 2, ISO 27001, and applicable financial regulatory frameworks as the BU integrates into Ripple's governance program.

Skills

Required

  • 10+ years of Security Engineering experience
  • hands-on work in Product Security
  • hands-on work in Infrastructure Security
  • Expert-level product security skills
  • threat modeling using STRIDE or equivalent
  • security architecture review
  • OWASP Top 10 and beyond
  • API security
  • authentication and authorization design
  • secure SDLC development
  • Deep expertise in securing cloud environments across Azure, AWS, and/or GCP
  • IAM architecture
  • network security
  • secrets management
  • container and Kubernetes security
  • infrastructure as code security
  • Hands-on experience building and operating DevSecOps tooling
  • static analysis
  • dynamic analysis
  • software composition analysis
  • secrets scanning
  • container scanning
  • CI/CD pipeline security integration
  • Strong software engineering skills in Python, Go, or equivalent
  • ability to build security tooling
  • automate controls
  • integrate security into engineering workflows
  • Experience with cryptographic principles
  • key management
  • HSMs
  • MPC
  • PKI
  • key rotation
  • understanding of the consequences of key management failure in financial infrastructure

Nice to have

  • Background in FinTech
  • crypto
  • blockchain
  • high-stakes financial environments
  • security failures have direct customer or systemic financial impact

What the JD emphasized

  • security posture
  • secure software delivery
  • cloud security architecture
  • compliance obligations
  • vulnerability discovery
  • threat landscape