Senior Platform Security Engineer

Gemini
New York, US
On-site

Who this role is best for

Aimed at senior security engineers who build production-grade security controls in cloud-native environments, requiring in-office presence twice weekly in New York.

Best fit for

  • Security-focused software engineers comfortable owning AWS/Kubernetes security from design to operations.
    — “build and maintain security controls across diverse environments
  • Cloud infrastructure specialists who bridge security and engineering through consultative partnerships.
    — “partner with engineering teams to enable secure delivery
  • Polyglot security practitioners applying PKI, cryptography, and IAM expertise to infrastructure.
    — “apply expertise in critical neighboring areas

Things to consider

  • Mandatory hybrid schedule with two in-office days per week in NYC.
    — “required to be in person twice a week
  • On-call rotation participation expected for security incidents.
    — “Participate in on-call rotation

How to stand out

  • Showcase production-grade code samples in Python/Go beyond security tooling.
    — “Strong software development skills in Python or Go
  • Highlight cross-functional security collaborations beyond individual contributions.
    — “Work across functions—partnering with AppSec, Threat Detection, and GRC
  • Demonstrate Terraform security implementations, not just infrastructure provisioning.
    — “Proficiency in Terraform for infrastructure-as-code
Pace · Fast PacedCollaboration · HighAutonomy · MediumDecision Impact · TeamLevel · Senior

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • Developed and maintained security controls for AWS and Kubernetes environments
  • Supported IAM initiatives
  • Designed and deployed internal security services
Typical background
5+ years of experience in Information Security, SRE, or Systems Engineering

Skills & requirements

Required

AWSKubernetesIAMRBACPythonGoTerraformPKICryptographyIdentity ManagementNetwork Security

Preferred

DockerCI/CD

Stack & domain

PythonGoAWSKubernetesTerraformIamPkiCryptographyIdentity ManagementNetwork SecurityLeadershipCommunicationProblem-solvingSecurityCloudInfrastructure

About the role

Original posting from Gemini via Greenhouse

About the Company

Gemini is a global crypto and Web3 platform founded by Cameron and Tyler Winklevoss in 2014, offering a wide range of simple, reliable, and secure crypto products and services to individuals and institutions in over 70 countries. Our mission is to unlock the next era of financial, creative, and personal freedom by providing trusted access to the decentralized future. We envision a world where crypto reshapes the global financial system, internet, and money to create greater choice, independence, and opportunity for all — bridging traditional finance with the emerging cryptoeconomy in a way that is more open, fair, and secure. As a publicly traded company, Gemini is poised to accelerate this vision with greater scale, reach, and impact.

The Department: Platform Security

The Platform Security team secures Gemini's infrastructure through service hardening and by developing and supporting a suite of foundational tools. We provide secure-by-default infrastructure, consumable security services, and expert consultation to engineering teams for secure cloud and non-cloud infrastructure.

The Role: Senior Platform Security Engineer

The Platform Security team secures Gemini's infrastructure through service hardening and by developing and supporting a suite of foundational tools. As a Senior Platform Security Engineer, you will build and maintain security controls across diverse environments—from hardening cloud and container orchestration systems to enhancing our non-cloud infrastructure. This is a hands-on engineering role where you'll write production code daily, not just configuration.

You'll own security initiatives from design through production operations. This role requires strong software development skills, practical experience with AWS and Kubernetes security, and the ability to partner with engineering teams to enable secure delivery. You will also apply expertise in critical neighboring areas, including PKI, core cryptography, identity management, and network security, to ensure comprehensive protection across the stack.

This role is required to be in person twice a week at our New York City, NY office.

Responsibilities:

Build and maintain security controls for AWS and Kubernetes (EKS) environments, including guardrails, container security scanning, and infrastructure-as-code (Terraform) security

Support IAM initiatives by helping to design and maintain access controls, role-based access control (RBAC) models, and identity governance workflows

Design, deploy, and maintain internal security services and platforms that other engineering teams rely on

Act as a security partner to engineering teams, helping them make secure architecture decisions without blocking innovation

Work across functions—partnering with AppSec, Threat Detection, and GRC—to identify and reduce risk across the entire stack

Participate in on-call rotation for platform security incidents

Minimum Qualifications:

5+ years of experience in Information Security, SRE, or Systems Engineering

Strong software development skills in Python or Go with experience building production services

Solid experience with AWS (or similar cloud providers), including familiarity with IAM roles, VPCs, and native security controls

Hands-on experience with Kubernetes/EKS and containerization concepts, including pod security policies and container lifecycle

Understanding of IAM principles, RBAC, and least-privilege access models

Proficiency in Terraform for infrastructure-as-code

Ability to self-scope and execute technical goals with minimal supervision

Preferred Qualifications:

Experience with identity providers (IdP) like Okta and standards like SAML/OIDC

Experience writing Policy-as-Code (e.g., Open Policy Agent/Rego)

Background in Linux systems engineering or network security

Experience building and operating high-availability critical systems

It Pays to Work Here

 

The compensation & benefits package for this role includes:

Competitive starting pay

A discretionary annual bonus

Long-term incentive in the form of a new hire equity grant

Comprehensive health plans

401K with company matching

Paid Parental Leave

Flexible time off

Salary Range: The base salary range for this role is between $140,000 - $200,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate’s compensation, we consider a number of factors including skillset, experience, job scope, and current market data.

In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce.

At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know.

#LI-AA1

Source: Gemini careers (Greenhouse)

Similar roles