| Job Position | Company | Posted | Location | Salary | Tags |
|---|---|---|---|---|---|
Ethena Labs | Remote | $63k - $75k | |||
LI.FI | Remote | $90k - $130k | |||
LI.FI | Remote | $50k - $65k | |||
Impossible Cloud | Hamburg, Germany | $94k - $115k | |||
| Learn job-ready web3 skills on your schedule with 1-on-1 support & get a job, or your money back. | | by Metana Bootcamp Info | |||
Utila | New York, NY, United States | $91k - $120k | |||
Fireblocks | New York, NY, United States | $177k - $230k | |||
OP Labs PBC | United States | $104k - $150k | |||
Morpho | New York, NY, United States | $84k - $150k | |||
Zscaler | Remote | $92k - $98k | |||
Okx | Remote | $87k - $109k | |||
Okx | Remote | $140k - $144k | |||
Okx | Remote | $95k - $106k | |||
Nexus | Remote | $105k - $180k | |||
Nexus | United States | $140k - $180k | |||
Kraken | London, United Kingdom | $80k - $150k |
Staff/Senior Security Engineer - DeFi
The RoleÂ
We're hiring a Staff/Senior Security Engineer to lead our signing and treasury security program across wallets and custodian accounts. This is a high-impact, mission-critical role at the core of our business. Operating within the security department, you will partner closely with our core DeFi and trading teams to provide an objective security perspective while engineering safe, streamlined operational workflows.
Your mission is to own the verification layer between operator intent and signature: independently confirming destination addresses, approvals, and calldata against on-chain truth, never just what a UI displays. The work bridges complex on-chain security with daily operations, securing defensible audit trails, robust infrastructure, and controls built to scale with Ethena's growth.
What You’ll Do
-
Own the end-to-end design of our signing regime, including signer composition, thresholds, and intent communication, and continue evolving our pre-signature verification workflows for destination, calldata, and state-change confirmation.
-
Manage, maintain and continuously upgrade canonical address and contract allowlist system and infra that manages it, ensuring every whitelisting or approval action is checked against this list pre-signature, requiring documented review for any additions.
-
Operate and tighten real-time monitoring across wallets, custodians, and DeFi positions, keep it integrated with our SOC 2 incident-response workflows, and contribute to playbooks for evolving risk scenarios.
-
Run independent technical reviews of new protocol integrations and keep our risk register current as positions and dependencies evolve.
-
Continuously verify ERC-20 approval hygiene across the treasury, and partner with Finance on automated reconciliation between on-chain activity and accounting systems.
-
Own the process of producing the documentation of controls, tooling, and decisions that our auditors, underwriters, and institutional counterparties expect.
What We’re Looking For
-
Mastery of Solidity and the EVM; you can read arbitrary contracts and raw calldata without assistance. You are fluent in tools such as Tenderly, Foundry-based simulation, and trace analysis.
-
Deep practical experience with Gnosis Safe, Coinbase Prime, Anchorage, and Fireblocks. Strong understanding of the operational failure modes inherent in browser-based custodian extensions and hardware wallet signing flows.
-
Strong practitioner-level knowledge of DeFi protocols like Aave, Morpho, and Stargate. You understand risk parameters, oracle structures, and bridge message-passing mechanics.
-
A security-first mindset that assumes a hostile environment by default. You possess a "vigilance disposition" - you are energized by rigorous verification and are committed to maintaining safety standards even when facing operational pressure.
-
Proven ability to explain technical risks to non-technical stakeholders (COO team, executives, auditors). You are a self-starter comfortable owning infrastructure end-to-end and producing high-quality, audit-grade documentation.