What You Will Do
- Lead security practices across our web, blockchain, and DNS infrastructure — threat modeling, vulnerability assessment, penetration testing, and incident response — using AI agents to augment your workflow.
- Harden APIs, authentication flows, and data handling across the product surface.
- Design and implement security monitoring, alerting, and audit logging systems.
- Contribute broadly as a full-stack engineer beyond your specialty: ship features, review code, and improve architecture across the product.
- Evaluate and integrate the latest AI/LLM tools and agents into security testing, code review, and threat detection workflows.
What We Look For
- Strong understanding of application security: OWASP Top 10, authentication/authorization patterns, cryptography fundamentals, and secure coding practices.
- Experience with security across multiple domains: web applications, APIs, blockchain, and infrastructure.
- Solid software engineering fundamentals: systems design, testing strategies, and clean code practices.
- Hands-on experience with AI-assisted development — using AI coding agents in your daily workflow.
- Professional fluency in English. A second language is a plus; one that no existing teammate speaks is a big plus.
Nice to Have
- Experience with smart contract security, DNS security (DNSSEC, DNS hijacking prevention), or cloud infrastructure hardening.
- Background in CTF competitions, bug bounty programs, or security research.
- Relevant certifications or published security research.