Product Manager, Security & Risk

The Company

Swan is a leading Bitcoin-only financial services company supporting individuals and companies throughout their Bitcoin journey. We hire passionate Bitcoiners who want to work with a self-motivated and fully distributed startup team.

The Role

Swan is hiring a Product Manager for a hands-on role to work closely with our Application Security, Product, and Engineering Teams. As a core member of the Application Security team, you will advise teams on critical security design elements and collaborate on solutions and design modifications to improve the overall security posture of Swan Web, Mobile, and Custody offerings.

You will be bridging the gap between security subject matter expertise and improving customer journeys. We are looking for people with a strong technical background that want to transition into a product role, or people with strong product experience in the security and risk realm that would like to work closely with developers.

It starts with solid experience and interest in security, a strong technical background, and an appetite to explore, learn and secure things to protect our customers!

Your responsibilities

• Investigate user journeys related to security and risk, and work toward the goals of increasing self-custody, reducing the potential for mistakes, and protecting clients and Swan from fraud and account takeovers.
• Evaluate findings from security reviews and third-party audits. Prioritize and schedule work related to risk and security from reports and user feedback.
• Shape security and risk work alongside developers, security, and other teams. Work ahead of developer cycles to answer questions related to implementation, producing diagrams, flows, and ensuring that work is well specified and coordinated across teams.
• Lead the team’s Shape Up process and prioritization across multiple services, business priorities, and new opportunities
• Participate in threat modeling sessions with the broader security team on new and existing products, helping bring the client perspective to the table.
• Work closely with the dev/sec/ops team to ensure that work produced by developers feeds downstream threat detection systems.
• Proactively research new technologies and tools, and make technology recommendations in service of improved client and site security.

Skills and experience that will help you succeed

• Coding skills in one or more general-purpose scripting languages.
• Deep knowledge of common classes of software vulnerabilities such as XSS, CSRF, SQLi, OWASP Top 10, cryptographic attacks, and beyond.
• Experience managing security or privacy compliance-related engineering programs.
• Experience managing security infrastructure and operational security.
• Experience conducting security assessments on mobile apps and cloud services running on a variety of operating systems, including containers.
• Demonstrable experience in product management, and one or more other disciplines (product design, engineering, sales, marketing, etc)
• Strong skills in communications, tools, and product practices (Notion, Whimsical, Figma, lean canvas, value prop design, JTBD, etc).
• Bachelor’s degree in computer science or closely related discipline or equivalent experience.

Here's a bit about our culture

• We’re a growing team: Fully distributed across the world, Slack and Huddles are huge here.
• We’re very flat: Leadership is desired and encouraged; we hire people who care about and use the product they are working on.
• We’re Bitcoiners: We find solutions that encourage Bitcoin principles. We are often involved in the Bitcoin community through writing, podcasts, conferences, open source projects, and time spent on Twitter to help educate the masses. We love Bitcoin, and it comes through in our daily chats, meetings, and actions.

Join us, become a Swan!