Pagoda is hiring a
Web3 Senior Security Engineer - Vulnerability Management

Compensation: $165k - $195k

Location: Remote - US, North America

About Pagoda

Pagoda is shepherding a future where NEAR becomes the blockchain operating system. We believe that re-inventing how software is made and distributed is our greatest opportunity to open economic access to those who are not fully integrated into the global economy. Our products empower people to find opportunity, invent new experiences, and collaborate. Let's build an Open Web world. A world where people control their assets, data, and power of governance.

We encourage people of all backgrounds to apply. Pagoda is committed to creating an inclusive culture, and we celebrate diversity of all kinds.

<strong>About The Role</strong></p>

Pagoda’s growing security team is looking for a Senior Security Engineer to join our team and lead the establishment of a robust Vulnerability Management program. This position will be primarily responsible for designing, implementing and maintaining the vulnerability management program. With experience across information security, with a proven track record of implementing security programs in complex environments you will be a valuable member of the team.

What You'll Be Doing

  • Design, implement, and maintain a comprehensive vulnerability management program across the organization
  • Develop & maintain vulnerability management services, including vulnerability scanning, vulnerability assessments, and tracking support for vulnerability remediation
  • Build and maintain policies, standard procedures and guidelines for vulnerability management
  • Conduct regular vulnerability scans, analyze results, and prioritize remediation efforts based on risk and impact
  • Prioritize remediation tasks based on risk level, assign them to the relevant system owner, and monitor progress until completion
  • Apply root cause analysis to identify and assess problems and key drivers of success, draw potential conclusions from complex data sets
  • Stay up-to-date with emerging threats and vulnerabilities and adjust the vulnerability management program as needed to address new risks
  • Generate ad hoc metrics and reports as requested, providing insight into the vulnerability management program's effectiveness
  • Stay aware of current business and industry trends relevant to the business and cybersecurity
  • Develop and document processes and procedures for team members to use and to enhance efficiencies
  • Provide subject matter expertise and guidance to stakeholders across the organization on vulnerability management best practices

What We're Looking For

  • Bachelor’s Degree or industry equivalent work experience in vulnerability management
  • 8-10 years experience in information security
  • Experience in establishing and implementing a successful vulnerability management program from the ground up
  • Solid experience in information security with a focus on vulnerability management
  • Strong technical knowledge of vulnerability scanning tools, vulnerability assessment methodologies, and industry-standard security frameworks (eg. NIST, CIS)
  • Knowledge of Wiz, Eumeric, Tenable or Rapid7
  • Understanding of vulnerability management processes and lifecycle
  • Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions
  • Strong analytical and problem-solving skills, ability to prioritize and manage multiple tasks and projects
  • Ability to examine issues both strategically and analytically
  • Strong communication skills and ability to work with cross-functional and remote teams
  • Ability to contribute to other Information security tasks and duties as required

We'd Love If You Have

  • A passion for security and Web3
  • Experience in a start-up environment
  • Professional certifications such as CISSP, CISM, or SANS GIAC
  • Familiarity with using one or more programming/scripting languages (e.g., Python, Java, etc.)

Here’s What Our Interview Process Looks Like

Depending on calendar availability, from the first stage to the final stage, we do our best to keep the entire process to under three weeks. Our interviews take place via Zoom and typically consists of the following stages:

  • Internal Recruiter Call (30 minutes)
  • Meet with the Hiring Manager (45 minutes)
  • Technical Interviews (2 x 60 minutes)
  • Vulnerability Management Presentation (45 minutes)
  • Pagoda Values Interview (30 to 45 minutes)

Please let us know if you require any special requirements for your interview and we’ll do our best to accommodate.

Ideal Location For This Role

This is a fully remote role, so that your timezone matches or overlaps with our leadership for this role, you’ll ideally be located in North America.


The base salary range for this role is $165,750 - $195,000. This reflects the minimum and maximum range across all US locations. This does not include bonus, incentives, or benefits.

The actual base pay is dependent upon many factors, such as: leveling, relevant skills, and work location. If you are based outside of the US, we do have other geographic considerations that may impact your final compensation. Your recruiter can share more about the compensation and benefits applicable to your preferred location during the hiring process.

<div class="content-conclusion">

Benefits & Perks

  • Flexible Annual Leave / PTO with an encouraged 20 day per year minimum
  • Paid Holiday Week: the last week of the year
  • Paid Wellness Week: the first week of July
  • $2,000 Yearly Continued Education Reimbursement
  • $2,000 Home Office Setup Reimbursement
  • Co-working Space Reimbursement
  • Company Retreats (2022 was in Lisbon!) & Team Offsites
  • Mental Health Support and access to licensed therapists through Spill, 100% paid by Pagoda

Our Values At Pagoda

Innovate and deliver—so our customers can build. We deliver new solutions for real, often urgent, customer needs. Practical over hype. We uphold our standards of excellence while balancing velocity and pragmatism.

Focus precious time and energy on what matters. We are intentional about where we aim our resources. We channel our talents to focus on the critical missions in order to make an outsized impact.

Favor ownership, agency and action. Everyone is an owner. As individuals, we are responsible and accountable for our work. We empower builders to make decisions and innovate without the burden of unnecessary roadblocks or complexity.

Work as a team of empathetic humans. We practice mutual respect, open communication, humility and collaboration. We are kind and empathetic. We are welcoming towards diversity in all forms, including differences of perspective.

Never break trust. Integrity is rare—and valuable—in this space. Reputation is hard to build and easy to break.

When applying, mention the word CANDYSHOP to show you read the job post completely. This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they are human RMTguMjA2LjEzLjIwMwM

Apply now:

This job is closed

Compensation: $165k - $195k

Location: Remote - US, North America

This job is closed

Benefits: Pto, Company Retreats

Receive similar jobs:

Remote Web3 Security Expert Jobs

Job Position and Company Location Tags Posted Apply






Manila, Philippines


Madrid, Spain

Recommended Web3 Security Experts for this job


See Profile

See Profile

See Profile

See Profile

See Profile
Write a cover letter