Firefly is hiring a

Web3 Security Engineer

The Security Engineer will be responsible for integrating security into the development of applications. The engineer will work closely with Firefly’s Product and software development teams to threat model, vulnerability scan and penetration test the early software, system and architecture while identifying the required control points in the application stack. The engineer will also closely work with developers to diagnose, document and remediate security vulnerabilities. The engineer will also be responsible for evaluating, recommending and implementing security-related software on the SDLC. Further, the engineer must be comfortable leading and training developers in secure best practices.

About Firefly

• We’re building cutting-edge, decentralised exchange infrastructure inour visionto advance derivatives trading, the largest market by trading volume
• Firefly is partnered with the industry’s leading market makers and has raised a 22.8 million fund to build a hyper liquid, powerful and secure exchange
• Firefly is backed by Polychain Capital, Three Arrows Capital, Cumberland DRW and many other leading investors

What you will do

• You will become the primary security expert for multiple product lines, and act as the point of contact for engineering and security.
• Create threat models to Identify and deploy cybersecurity measures by continuously performing vulnerability assessment and risk management.
• Build and integrate monitoring tools to detect abnormal or malicious behavior
• Identify and implement tools, processes, and workflows to find vulnerabilities earlier in the product life cycle (SAST, DAST)
• Perform and document architectural security assessments and threat modeling in the interactions between the back-end and the smart contracts
• Investigate technical innovations in the space such as zero-knowledge proofs and bleeding-edge blockchain protocols
• Be a steward of the engineering culture at Firefly, coaching and mentoring engineers and participating in code & architectural reviews

What you will bring

• 4+ years of professional security engineering experience
• A passion for solving challenging problems
• Experience building Security technologies that enable the business
• Strong Technical background in any of the following: Product Security, Infrastructure Security or Blockchain Security
• Strong working knowledge of modern secure software development processes and tools (JIRA, Burp, Confluence, SAST, DAST, CI/CD).
• Excitement to work at a fast-paced startup building software that supports a few hundred million dollars of trade volume each day, across dozens of markets and thousands of traders

What we offer

• Interesting and challenging work on the latest technologies
• An experienced team to learn from
• Competitive salary and equity
• Employee-friendly equity terms (early exercise, extended exercise)
• Work remotely or any of the Firefly Hubs for 3 months
• Health, Dental & Vision Insurance in US (stipend if remote)
• Take as much time off as you need to be productive
• Parental leave
• Stipend to set up your home office (4k display, desk, chair etc.)
• Latest productivity software like Notion and Linear
• Company paid lunch and coffee during work days
• Company paid co-working space/desk at an office
• Annual ski trips, events, and travel

Apply Now: