| Job Position | Company | Posted | Location | Salary | Tags |
|---|---|---|---|---|---|
Firefly | Remote | $85k - $150k | |||
VolumeFi | Remote | $72k - $90k | |||
Neon Labs | Remote | $40k - $90k | |||
Blockstream | San Francisco, CA, United States | $63k - $90k | |||
| Learn job-ready web3 skills on your schedule with 1-on-1 support & get a job, or your money back. | | by Metana Bootcamp Info | |||
The Block | Remote | $50k - $80k | |||
Boson Protocol | London, United Kingdom | $43k - $56k | |||
O(1) Labs | San Francisco, CA, United States | $63k - $90k | |||
Findora | Remote | $40k - $62k | |||
Webb | United States | $70k - $150k | |||
O(1) Labs | San Francisco, CA, United States | $63k - $79k | |||
Consensys | Remote | $63k - $75k | |||
Panther Protocol | United States | $40k - $65k | |||
MetaMask | United States | $54k - $72k | |||
NEAR | San Francisco, CA, United States | $29k - $50k | |||
Consensys | Remote | $54k - $72k |
The Security Engineer will be responsible for integrating security into the development of applications. The engineer will work closely with Firefly’s Product and software development teams to threat model, vulnerability scan and penetration test the early software, system and architecture while identifying the required control points in the application stack. The engineer will also closely work with developers to diagnose, document and remediate security vulnerabilities. The engineer will also be responsible for evaluating, recommending and implementing security-related software on the SDLC. Further, the engineer must be comfortable leading and training developers in secure best practices.
About Firefly
- We’re building cutting-edge, decentralised exchange infrastructure inour visionto advance derivatives trading, the largest market by trading volume
- Firefly is partnered with the industry’s leading market makers and has raised a 22.8 million fund to build a hyper liquid, powerful and secure exchange
- Firefly is backed by Polychain Capital, Three Arrows Capital, Cumberland DRW and many other leading investors
What you will do
- You will become the primary security expert for multiple product lines, and act as the point of contact for engineering and security.
- Create threat models to Identify and deploy cybersecurity measures by continuously performing vulnerability assessment and risk management.
- Build and integrate monitoring tools to detect abnormal or malicious behavior
- Identify and implement tools, processes, and workflows to find vulnerabilities earlier in the product life cycle (SAST, DAST)
- Perform and document architectural security assessments and threat modeling in the interactions between the back-end and the smart contracts
- Investigate technical innovations in the space such as zero-knowledge proofs and bleeding-edge blockchain protocols
- Be a steward of the engineering culture at Firefly, coaching and mentoring engineers and participating in code & architectural reviews
What you will bring
- 4+ years of professional security engineering experience
- A passion for solving challenging problems
- Experience building Security technologies that enable the business
- Strong Technical background in any of the following: Product Security, Infrastructure Security or Blockchain Security
- Strong working knowledge of modern secure software development processes and tools (JIRA, Burp, Confluence, SAST, DAST, CI/CD).
- Excitement to work at a fast-paced startup building software that supports a few hundred million dollars of trade volume each day, across dozens of markets and thousands of traders
What we offer
- Interesting and challenging work on the latest technologies
- An experienced team to learn from
- Competitive salary and equity
- Employee-friendly equity terms (early exercise, extended exercise)
- Work remotely or any of the Firefly Hubs for 3 months
- Health, Dental & Vision Insurance in US (stipend if remote)
- Take as much time off as you need to be productive
- Parental leave
- Stipend to set up your home office (4k display, desk, chair etc.)
- Latest productivity software like Notion and Linear
- Company paid lunch and coffee during work days
- Company paid co-working space/desk at an office
- Annual ski trips, events, and travel
What is Zero-knowledge?
Zero-knowledge is a concept in cryptography that allows two parties to exchange information without revealing any additional information beyond what is necessary to prove a particular fact
In other words, zero-knowledge is a way of proving something without actually revealing any details about the proof
Here are some examples of zero-knowledge:
- Password authentication: When you enter your password to log into an online account, the server doesn't actually know your password. Instead, it checks to see if the hash of your password matches the stored hash in its database. This is a form of zero-knowledge because the server doesn't know your actual password, just the hash that proves you know the correct password.
- Sudoku puzzles: Suppose you want to prove to someone that you've solved a particularly difficult Sudoku puzzle. You could do this by providing them with the completed puzzle, but that would reveal how you solved it. Instead, you could use a zero-knowledge proof where you demonstrate that you know the solution without actually revealing the solution itself.
- Bitcoin transactions: In a Bitcoin transaction, you prove that you have ownership of a certain amount of Bitcoin without revealing your private key. This is done using a zero-knowledge proof called a Schnorr signature, which allows you to prove ownership of a specific transaction output without revealing the private key associated with that output.
- Secure messaging: In a secure messaging app, you can prove to your contacts that you have access to a shared secret without revealing the secret itself. This is done using a zero-knowledge proof, which allows you to prove that you have access to the secret without actually revealing what the secret is.