Security Engineer

Location: Remote / Distributed (Global)

About the Opportunity We are seeking an experienced Security Engineer to join a high-impact team building core decentralized infrastructure that processes billions in daily transaction volume. This role offers the chance to own a massive technical scope—ranging from hands-on code reviews and threat modeling to building custom adversarial testing frameworks—within a fast-moving organization that has already achieved significant product-market fit. You will report directly to the Head of Security, playing a pivotal role in scaling security operations and protecting critical on-chain ecosystems.

Responsibilities

• Application Security & Reviews: Conduct deep-dive security assessments across the product suite, including white-box code reviews, functional testing, fuzzing, and comprehensive threat modeling.

• Identity & Access Management: Oversee the full lifecycle of identity operations, including provisioning, monitoring for anomalous changes, and managing access for critical systems.

• Security Research & Automation: Design and build custom tooling for AI security and adversarial testing, focusing on reusable patterns for agent controls.

• Vulnerability Management: Lead the day-to-day operations of the bug bounty program, managing triage, remediation workflows, and high-priority escalations.

• Supply Chain & Compliance: Implement advanced monitoring for software supply chain risks beyond standard scans and coordinate external penetration testing engagements.

• Strategic Defense: Manage software security documentation and evidence gathering to support evolving compliance and organizational requirements.

Requirements (Must-have)

• Engineering Foundation: Strong background in software engineering with a transition into product or application security (5+ years of total professional experience).

• Programming Proficiency: Expertise in at least one systems-level or backend language—such as Rust, Go, or C++—with the ability to read production code and build security tooling from scratch.

• Domain Expertise: Fluency in the full security lifecycle, including secure design reviews and vulnerability testing, specifically within Web3, DeFi, or cryptocurrency environments.

• Analytical Mindset: Demonstrated experience in building security automation and conducting rigorous reviews on live production systems.

• Communication: Exceptional written communication skills for technical documentation and cross-team collaboration.

Preferred Qualifications (Nice-to-have)

• System Hardening: Proficiency in Linux administration, kernel-level security primitives, and hardening environments.

• Key Management: Experience with multisig schemes, signing policy design, and hardware security modules (HSMs).

• Advanced Architecture: Familiarity with Trusted Execution Environments (TEEs), confidential computing, or secure enclave design.

• Infrastructure Management: Hands-on experience with Enterprise IAM/SSO systems and Mobile Device Management (MDM) platforms.

Compensation & Benefits

• Highly competitive total compensation package including salary and multiple forms of equity.

• Fully covered (100%) health benefits for employees.

• Budget for professional development, including global team retreats and industry conferences.

• Weekly allowances for meals and remote work support.