Security Protocol Enginee
About the Role
You will own security for protocol-layer components including L2, bridges, and custody systems. You will act as the final gatekeeper before code reaches main, lead threat modeling and design reviews, and plan mitigations. You will write critical patches, drive hardening, and maintain security CI tooling such as signature verification, SAST, fuzzing, and secrets scanning. You will review all protocol-relevant pull requests, enforce automated checks, run secure coding workshops, pair-program during critical sprints, and interface with auditors and bounty researchers to scope, triage, and fix issues. You will have the authority to block merges or deploys on security grounds and direct commit access for emergency fixes.
Requirements
- 5+ years in security engineering with hands-on software experience
- Strong background in Rust, Go or Solidity
- Deep knowledge of threat modeling and real-world exploit paths
- Experience owning or maintaining CI-based security automation
- Comfortable leading security efforts without direct organizational ownership
- Bonus: protocol-level blockchain experience, audits, bug bounties, or custody systems
Responsibilities
- Own security across protocol-layer components including L2, bridge and custody
- Act as the final gatekeeper before code is merged to main
- Lead threat modeling, design reviews, and mitigation planning
- Write critical patches and drive system hardening
- Maintain security CI tooling including signature verification, SAST, fuzzing and secrets scanning
- Review all protocol-relevant pull requests and enforce automated checks
- Run secure coding workshops and pair-program during critical sprints
- Interface with auditors and bounty researchers to scope, triage and fix issues
- Block merges or deploys on security grounds when necessary
- Perform emergency fixes with direct commit access
Benefits
- Fully remote work
- Flexible work hours across time zones