About Stellar

Stellar is a decentralized, public blockchain that gives developers the tools to create experiences that are more like cash than crypto. The network is faster, cheaper, and far more energy-efficient than most blockchain-based systems.

About the Role

We're hiring a Director, Ecosystem & Product Security to lead security strategy across the Stellar ecosystem and directly own security outcomes for Foundation-developed systems, Foundation-operated infrastructure, and treasury-related security responsibilities. The role is both strategic and hands-on, requiring deep technical judgment across decentralized systems, product security, and operational risk.

Key Responsibilities

- Define and lead the Foundation's security strategy across the Stellar ecosystem and Foundation-owned systems

- Raise the practical security baseline for key ecosystem participants including wallets, infrastructure providers, custodians, issuers, and validators

- Publish actionable guidance, reference patterns, and security expectations that drive real adoption across the ecosystem

- Build coordination mechanisms for shared risks, incident response, and cross-ecosystem security improvement

- Own security outcomes for Foundation-developed software, Foundation-operated infrastructure, and treasury/custody responsibilities

- Partner with Engineering, Finance, Legal, IT, and Corporate Security to drive security controls

- Lead secure development efforts across architecture, threat modeling, vulnerability management, bug bounty programs, and product incident response

- Build and lead a high-performing security team

Requirements

- 10+ years of experience in security, including significant senior leadership experience

- 5+ years leading security programs, teams, or functions with meaningful scope

- Track record of owning security outcomes for complex, high-consequence systems in production

- Deep experience in product and application security with hands-on judgment in real-world environments

- Ability to assess and prioritize risk across protocol design, smart contracts, wallets, validators, dependencies, and governance mechanisms

- Experience driving security improvements across multiple teams, organizations, or ecosystem participants, including without direct authority

Bonus Skills

- Strong familiarity with blockchain and decentralized system security

- Experience operating in environments where security failures could lead to financial loss or loss of trust

- Strong incident judgment, including experience handling high-severity incidents and disclosure processes

- Experience with secure development frameworks such as NIST SSDF

- Familiarity with Web3 security frameworks such as OWASP SCSVS or SEAL

- Experience in financial infrastructure, payments, custody, or tokenized finance

- Experience in identity, trust, encryption, or internet-scale systems