Associate Security Engineer

Summary

Join Galaxy Digital as an Associate Security Engineer (Vulnerability Management) and administer application security tooling, driving the vulnerability management program. Collaborate with product and offensive security engineers to tackle complex technical challenges aligned with Galaxy's business objectives. This role reports to the Director of Product Security and involves close interaction with Engineering, DevOps, and Infrastructure teams. Responsibilities include administering application security tooling, providing support and documentation, developing dashboards and KPIs, analyzing data, supporting the vulnerability management program, tracking remediation progress, coordinating with engineering teams, leveraging AI-driven tools, and assisting in security assessments. The ideal candidate possesses a Bachelor's or postgraduate diploma in cybersecurity or technology, 2-4 years of experience, proficiency in scripting or object programming, familiarity with application security and vulnerability management, strong analytical skills, excellent communication skills, and relevant security or cloud certifications.

Requirements

• Bachelor or post-graduate diploma in cybersecurity or technology
• 2–4 years of work experience in cybersecurity, software development, or security operations
• Proficiency in scripting or object programming languages
• Familiarity with application security and vulnerability management practices
• Strong analytical skills, detail-oriented, proactive, and capable of independent problem-solving
• Very good verbal and written communication skills, collaborative and solution-driven
• Security or cloud certifications

Responsibilities

• Administer application security tooling: manage and configure to reduce false positives and enhance accuracy
• Provide comprehensive support and documentation of security tooling to encourage adoption among engineering teams
• Develop dashboards and KPIs to clearly visualize security activities, vulnerabilities, and cybersecurity risks for individual departments or teams
• Aggregate and analyze data from vulnerability management and asset inventory systems
• Support the vulnerability management program by ensuring technology teams adhere to SLAs for vulnerability triage and remediation
• Track and report on vulnerability remediation progress across infrastructure and application environments
• Coordinate with engineering teams to validate, assign, and prioritize vulnerabilities based on risk and asset criticality
• Leverage AI-driven tools for efficient data analysis and qualitative risk assessment
• Assist in security assessments and proactively suggest improvements related to tooling and risk insights

Benefits

• Competitive base salary and discretionary bonus
• Flexible Time Off (i.e. unlimited paid vacation days)
• Company paid Holidays (11)
• Company paid sick leave
• Company-paid health and protective benefits for employees, partners, and other dependents
• 3% 401(k) company contribution
• Generous paid Parental Leave
• Free virtual coaching and counseling sessions through Headspace
• Opportunities to learn about the Crypto industry
• Free daily snacks in-office
• Smart, entrepreneurial, and fun colleagues
• Employee Resource Groups