Jobs · Information Technology · California

Director, Ecosystem Product Security

Stellar Development Foundation · San Francisco, CA · 3 mo ago
HybridInformation Technology$225k–$320k/yrFull-time

About the role

Since 2014, the mission-driven team at the Stellar Development Foundation (SDF) has helped fuel the tremendous growth of the Stellar blockchain network, an open-source platform that operates at high-scale today. Developers and companies around the world build on it, and the SDF team is expanding to support the rapidly growing and changing Stellar ecosystem. We're hiring a Director, Ecosystem & Product Security to lead security strategy across the Stellar ecosystem and directly own security outcomes for Foundation-developed systems, Foundation-operated infrastructure, and treasury-related security responsibilities.

Responsibilities

  • Define and lead the Foundation’s security strategy across both the Stellar ecosystem and Foundation-owned systems
  • Raise the practical security baseline for key ecosystem participants, including wallets, infrastructure providers, custodians, issuers, and validators
  • Publish actionable guidance, reference patterns, and security expectations that drive real adoption across the ecosystem
  • Build coordination mechanisms for shared risks, incident response, and cross-ecosystem security improvement
  • Own security outcomes for Foundation-developed software, Foundation-operated infrastructure, and treasury / custody-related responsibilities
  • Partner with Engineering, Finance, Legal, IT, and Corporate Security to drive implementation of security controls and secure operating practices
  • Lead secure development efforts across architecture, threat modeling, vulnerability management, bug bounty programs, and product incident response
  • Build and lead a high-performing security team, while translating strategy into execution plans and measurable outcomes
  • Represent the Foundation externally as a credible technical leader and convener on ecosystem security

Requirements

10+ years of experience in security, including significant experience in senior leadership roles

5+ years leading security programs, teams, or functions with meaningful scope

Deep experience in product and application security, with hands-on judgment in real-world environments

Strong familiarity with blockchain and decentralized system security

The ability to assess and prioritize risk across areas such as protocol design, smart contracts, wallets, validators, dependencies, and governance mechanisms

Experience driving security improvements across multiple teams, organizations, or ecosystem participants, including in environments where you do not have direct authority

Strong incident judgment, including experience handling high-severity incidents and disclosure processes

A pragmatic approach to security, with the ability to make tradeoffs that reduce real-world risk rather than optimize for theoretical completeness

Experience building, leading, and developing high-performing security teams

The ability to set strategy, translate it into execution, and deliver measurable outcomes

Clear communication skills and the credibility to work effectively with engineers, executives, and external ecosystem participants

Experience operating in environments where security failures could lead to financial loss, operational disruption, or loss of trust

Qualifications

Experience with secure development frameworks such as NIST SSDF

Familiarity with Web3 security frameworks such as OWASP SCSVS or SEAL

Experience in financial infrastructure, payments, custody, or tokenized finance

Experience with large-scale platform or ecosystem security architecture

Experience in identity, trust, encryption, or internet-scale systems

Similar jobs