# Director, Ecosystem Product Security

**Company:** [Stellar](https://hotfix.jobs/companies/stellar)
**Location:** San Francisco, CA, New York, NY
**Role:** Security Engineering
**Salary:** $225k – $335k/yr
**Experience:** 10+ years
**Skills:** Blockchain Security, Smart Contracts, Product Security, Threat Modeling, Vulnerability Management, Bug Bounty Programs, Incident Response, Decentralized Systems, Protocol Design, Application Security, Nist Ssdf, Owasp, Web3 Security
**Posted:** 2026-04-06

> Leads security strategy for Stellar blockchain ecosystem and Foundation systems, raising security standards for wallets, validators, and infrastructure. Owns outcomes for high-stakes software/infrastructure, builds security team, and drives cross-team improvements. Requires 10+ years security experience with blockchain expertise.

## Job Description

## Responsibilities
- Define and lead the Foundation's security strategy across both the Stellar ecosystem and Foundation-owned systems
- Raise the practical security baseline for key ecosystem participants, including wallets, infrastructure providers, custodians, issuers, and validators
- Publish actionable guidance, reference patterns, and security expectations that drive real adoption across the ecosystem
- Build coordination mechanisms for shared risks, incident response, and cross-ecosystem security improvement
- Own security outcomes for Foundation-developed software, Foundation-operated infrastructure, and treasury / custody-related responsibilities
- Partner with Engineering, Finance, Legal, IT, and Corporate Security to drive implementation of security controls and secure operating practices
- Lead secure development efforts across architecture, threat modeling, vulnerability management, bug bounty programs, and product incident response
- Build and lead a high-performing security team, while translating strategy into execution plans and measurable outcomes
- Represent the Foundation externally as a credible technical leader and convener on ecosystem security

## Requirements
- 10+ years of experience in security, including significant experience in senior leadership roles
- 5+ years leading security programs, teams, or functions with meaningful scope
- A track record of owning security outcomes for complex, high-consequence systems in production
- Deep experience in product and application security, with hands-on judgment in real-world environments
- Strong familiarity with blockchain and decentralized system security
- The ability to assess and prioritize risk across areas such as protocol design, smart contracts, wallets, validators, dependencies, and governance mechanisms
- Experience driving security improvements across multiple teams, organizations, or ecosystem participants, including in environments where you do not have direct authority
- Strong incident judgment, including experience handling high-severity incidents and disclosure processes
- A pragmatic approach to security, with the ability to make tradeoffs that reduce real-world risk rather than optimize for theoretical completeness
- Experience building, leading, and developing high-performing security teams
- The ability to set strategy, translate it into execution, and deliver measurable outcomes
- Clear communication skills and the credibility to work effectively with engineers, executives, and external ecosystem participants
- Experience operating in environments where security failures could lead to financial loss, operational disruption, or loss of trust

## Nice-to-Haves
- Experience with secure development frameworks such as NIST SSDF
- Familiarity with Web3 security frameworks such as OWASP SCSVS or SEAL
- Experience in financial infrastructure, payments, custody, or tokenized finance
- Experience with large-scale platform or ecosystem security architecture
- Experience in identity, trust, encryption, or internet-scale systems

## Compensation
- Base salary range: $225,000 - $335,000 depending on job-related knowledge, skills, experience, and location
- Lumen-denominated grants
- Competitive health, dental & vision coverage
- Flexible time off + 15 company holidays
- Generous paid parental leave
- Gym reimbursement, 401K with 4% match, commuter benefits, and more

## Similar roles

- [Director, Threat Research](https://hotfix.jobs/jobs/594b9a33-1ae5-4e7b-b9ff-128c42de0525) - Illumio - Sunnyvale, CA - $227k – $272k/yr
- [Director, Information Security & Technology](https://hotfix.jobs/jobs/206a3607-4d09-42a8-8ff7-ff8d9b3096f3) - GameChanger - Remote - $220k – $240k/yr
- [Director, Detection Engineering & Threat Hunting](https://hotfix.jobs/jobs/00931fb7-41de-4468-afde-aee4dc3654cd) - Huntress - Remote - $220k – $240k/yr
- [Privacy Engineering Director](https://hotfix.jobs/jobs/7a45a3ca-90d8-4d75-bac1-d9537bd8a64f) - DuckDuckGo - Remote - $244k – $244k/yr
- [Head of Security & Compliance](https://hotfix.jobs/jobs/0c31140a-05ba-40ab-a5aa-12713d69cde4) - Casca - San Francisco, CA - $200k – $255k/yr

**Apply:** https://hotfix.jobs/jobs/1a713979-c2ef-4231-b621-264f3d938b57
**Canonical:** https://hotfix.jobs/jobs/1a713979-c2ef-4231-b621-264f3d938b57