Anchorage Digital

Member of Technical Staff, PlatSec - Security Engineering

Job Description

Posted on: 
October 16, 2024

At Anchorage Digital, we are building the world’s most advanced digital asset platform for institutions to participate in crypto.


Anchorage Digital is a crypto platform that enables institutions to participate in digital assets through custody, staking, trading, governance, settlement, and the industry's leading security infrastructure. Home to Anchorage Digital Bank N.A., the only federally chartered crypto bank in the U.S., Anchorage Digital also serves institutions through Anchorage Digital Singapore, Porto by Anchorage Digital, and other offerings.


The company is funded by leading institutions including Andreessen Horowitz, GIC, Goldman Sachs, KKR, and Visa, with its Series D valuation over $3 billion. Founded in 2017 in San Francisco, California, Anchorage Digital has offices in New York, New York; Porto, Portugal; Singapore; and Sioux Falls, South Dakota. Learn more at anchorage.com, on X @Anchorage, and on LinkedIn. 


The Security Team is responsible for shaping and maintaining a culture of trust, safety, and resiliency that our clients and regulators expect. This team maintains the core production security infrastructure, ensures secure coding and owns monitoring, incident response, access permissioning, continuous control improvement security testing, SOC attestion and third party relationships.


As a member of this team, focusing on Security Operations and Monitoring, you will be responsible for ensuring that we maintain the proper visibility and response capabilities over our custody platform and IT environment. You would be an impactful stakeholder within the team, with the opportunity to significantly contribute to medium-to-large features. You’d be a clear expert in triaging and responding to the numerous signals that come in through various channels. You should understand the “why” and “bigger picture” and use them to contribute to the prioritization of the roadmapped features, and the ever-expanding footprint of Anchorage Digital. Additionally, you will have cross-team exposure, working as a reliable partner who can apply expertise to have significant influence within and outside the team. Being successful in this role means delivering impactful work improving the stability and resiliency of the overall team, embracing and adding to the Anchorage Digital culture, and above all, prioritizing the safety and security of Anchorage Digital and its clients.


We have created the Factors of Growth & Impact to help Villagers better measure impact and articulate coaching, feedback, and the rich and rewarding learning that happens while exploring, developing, and mastering the capabilities and contributions within and outside of the Security Engineer role:

Technical Skills:

  • Build secure, resilient, and global infrastructure from the ground up!
  • Review code across the entire stack and engineering organization while actively participating in product development.
  • Foster an efficient deterministic testing culture, with an emphasis on minimizing tech debt and bureaucracy.
  • Complexity and Impact of Work:

  • Face challenges and exercise judgment in enabling controls, ensuring that Anchorage Digital maintains a risk-based prioritization of the scanning, alerting, and automated remediation.
  • Review and evaluates results of incident post-mortems and security investigations to evolve the footprint of our security monitoring and ensure that it remains appropriate as the company scales in size and complexity.
  • Determines methods and procedures on security monitoring and operations, while successfully navigating roadblocks and obstacles that may come up, and escalating when blocked.
  • Drive work independently, lead or significantly contribute to medium-to-large Security Team initiatives. These are usually multi-person projects that may cross engineering team boundaries, including leading from end-to-end with little oversight and coordinating activities of other team members.
  • Break down large projects into smaller tasks, and accurately estimate the time and scope of projects and effectively articulate the different options considered, analyze trade-offs, and justify and recommend priorities.
  • May be accountable for delivering tactical investigations or client responses that support Anchorage Digital’s business relationships.
  • Be a contributor of high quality code and infrastructure who makes impactful technical contributions to our platform, and monitors technical debt and opportunities for improvement.
  • Organizational Knowledge:

  • Be aware of the company’s strategy to guarantee its successful implementation and be involved considered in the planning and definition of strategic goals of the Security Team.
  • Monitor the development of the company objectives and/or trends that may affect its capacity to succeed.
  • Deeply consider security across the entire product ecosystem and help create a company culture that does as well.
  • Find the right balance between progress (i.e. shipping quickly) and perfection (i.e. measuring twice).
  • Help scale the team.
  • Communication and Influence:

  • Ensure that knowledge is shared among the team. This includes shadowing other members of the Security Team to ensure you can assist if they are unavailable.
  • Mentor and guide multiple engineers on the Engineering team and help others understand the Anchorage Digital’s strategic goals, empowering other engineers to safely develop new technologies and services with proper oversight and assurance.
  • Cross direct team and service boundaries to solve problems, including reviewing specs published by other teams, and participating in technical discussions.
  • Effectively communicate insights, recommendations, conclusions and ideas on how to improve the team (e.g. process, technical backlog, etc.).
  • Understand context or underlying needs, motivations, emotions and concerns of others and adjust communication to ensure maximum impact and effectiveness.
  • You may be a fit for this role, if you have:

  • You have extensive knowledge of information security, cloud computing, and security monitoring and serves as an internal knowledge resource for this expertise.
  • You have a wide-ranging experience, uses indepth professional concepts, knowledge, insights and company’s objectives to triage, investigate, and resolve security issues across multiple environments and axes; e.g. scale, uncertainty, interconnectedness.
  • You have real world experience shipping product and implementing secure frameworks, libraries, and services.
  • You have a deep understanding of common crypto protocols (TLS, GPG, SSH, etc.), code signing, networks security, authentication/authorization, and the threat landscape for state-of-the-art attacks.
  • You have experience developing threat models and conducting incident response/forensics.
  • You genuinely care about code quality and test infrastructure.
  • You prioritize end-user experience and business value over “cool tech.”
  • You have developed “computer science fundamentals”, i.e. concurrency, algorithms, and data structures (Formal CS degree NOT required).
  • You self-describe as some combination of the following: creative, humble, ambitious, detail-oriented, hardworking, trustworthy, eager to learn, methodical, action-oriented, and tenacious.
  • Although not a requirement, bonus points if:

  • In your mind the word “crypto” stands for cryptography, not cryptocurrency.
  • You read blockchain protocol white papers for fun, and stay up to date with the proliferation of cryptoasset innovations.
  • You have a background in the finance industry.
  • You were emotionally moved by the soundtrack to Hamilton, which chronicles the founding of a new financial system. :)