About MoonPay 🌖💸
Hi, we’re MoonPay. We’re here to onboard the world to Web3.
Why? Because we think Web3 is a unique and democratising technology. It gives people back control of their money, digital identity, data, and property like nothing else before it.
What we do
We’re the leading infrastructure company in Web3. This means we offer our partners everything from payment solutions (we call them 'Ramps') to minting software for digital collectibles, like NFTs. And over 30 million people around the world now trust our products — just take a look on Trustpilot.
We’re also big on collaborations. And we've worked on stunts, drops, and partnerships with some of the world's most prestigious and forward-thinking brands.
But that’s not all. We have also built our own consumer app because we wanted to see if we could build a better Web3 account. It’s taken off in a big way, and we're working hard to continually improve it and to strive for perfection.
So whatever your background, we’re sure there’s something for you here. Come help us build the future of Web3 and digital ownership.
🌔 About the Opportunity
Our Product Security Squad is a dynamic blend of proactive defenders and inquisitive problem-solvers. We're dedicated to fortifying our systems through rigorous security reviews, hands-on penetration testing, and proactive threat modelling. We actively manage our Bug Bounty program, ensuring swift response and remediation, and leverage cutting-edge tools like Cloudflare's WAF to build robust defenses. We offer an extensive number of security services to our Engineering teams including cloud security, tailored security advice, threat modelling and penetration testing. Collaboration is key, as we embed security best practices throughout the SDLC. Crucially, we are expanding our capabilities in security automation and vulnerability management, integrating tooling directly into development workflows and driving efficient vulnerability resolution across the organization. We are constantly researching emerging threats, crafting effective mitigation strategies, empowering our engineering teams with comprehensive training, maintaining up-to-date security standards, and leading incident response with precision. We are passionate about fostering a secure environment and contributing to the wider security community.
🚀 What you will do
💻 What you'll be working on
As a key member of our Product Security squad specifically in the Automation and Vulnerability Management Team, you will focus on embedding security seamlessly into our Software Development Lifecycle (SDLC). You'll be hands-on in building, integrating, and optimizing security automation pipelines, incorporating tools for static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and secrets detection directly into our CI/CD processes. You will champion and manage our vulnerability management program, ensuring vulnerabilities are identified, prioritized, tracked, and remediated efficiently. You'll drive improvements in our supply chain security through initiatives like the SLSA framework. Collaborating closely with engineering teams, you'll automate security workflows, enhance our security posture through innovation, and play a vital role in protecting MoonPay's infrastructure and applications.
🧑🚀 About You