Staff Application Security Engineer

It’s rare that a new asset class is born. Nevertheless, we’re witnessing exactly that with the rise of crypto. Over just the last few years, since Bitwise was founded, crypto has evolved from an embryonic $50B market to a growing $3T+ juggernaut. This is an exciting moment for Bitwise as a firm. For eight years, we have established a track record of excellence managing a broad suite of index and active solutions across ETFs, separately managed accounts, private funds, institutional staking, and hedge fund strategies. This year, we crossed $15B in client assets and are growing quickly. Thousands of financial advisors, family offices, and institutional investors partner with Bitwise to understand and access the opportunities in crypto. We are known for providing unparalleled client support through expert research and commentary, a nationwide client team of crypto specialists, and deep access to the crypto ecosystem. Currently, Bitwise is a close-knit team of 100+ global professionals. Think of us as a mix of an asset manager and a tech start‑up. We’re backed by some of the most accomplished investors in venture capital and veterans of the financial services world. We love working together, we love what we do, and we’re excited about what’s ahead.

About The Role

Our engineering organization is growing, and with that growth comes an expanding application and infrastructure footprint that requires dedicated application security ownership. This role exists to build that function from the ground up. As our first dedicated Staff Application Security Engineer, you will own the design and implementation of our application security program, from SAST and DAST tooling to secure SDLC practices, threat modeling, dependency security, and penetration testing coordination. You will work directly with engineering teams across a cloud‑based environment securing both customer‑facing products and internal systems. You will be reporting directly to the Head of Security and will have the autonomy and organizational support to build an application security program that is practical, scalable, and aligned to the risk profile of a company operating in the digital asset space.

Primary Responsibilities

• Static short‑and long‑term disability plans
• Company‑funded 401(k) plan, no matching required
• Unlimited PTO
• 10 paid company‑wide holidays
• Company‑wide winter break for most roles
• Office spaces in San Francisco, New York, and London
• Meals and snacks provided in office
• Paid company cell phone or stipend
• Bitwise “Buddy” Program (30‑day new‑hire success program)
• Annual anniversary gifts
• Company‑wide events including annual holiday party
• Internal Women of Bitwise (WOB) group with fun events

Our Values

• Create “a ha” moments
• Move fast, with informed rationale
• Ask “What would the client want?”
• Show gratitude

Your Interview Process

• Recruiter Interview
• Hiring Manager Interview
• Work Sample
• Meeting the Team
• Executive/Founders Interview
• References
• Offer!

Bitwise is an equal opportunity employer. We are committed to building a team of people with a variety of backgrounds, perspectives, and skills. It is the policy of Bitwise to ensure equal opportunity. All candidates are considered without regard to race, color, religion, national origin, age, sex, sexual orientation, gender identity, marital status, ancestry, physical or mental disability, veteran status, or any other legally protected characteristics. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Please note that we do not sponsor visas for persons without work authorization in the United States. This role is for full‑time employees only (no B2B or contractors). Thank you!

The Pay Range For This Role Is 185,000 - 260,000 USD per year (Remote), 185,000 - 260,000 USD per year (NYC Office), 185,000 - 260,000 USD per year (SF Office), 185,000 - 260,000 USD per year (London Office)