Senior Security Engineer

Summary

Join Ethena Labs, a leader in DeFi, as a Senior/Staff Security Engineer. You will play a crucial role in securing our platform's on-chain and off-chain components. Responsibilities include designing and implementing security architectures, mitigating risks through threat modeling and vulnerability assessments, leading incident response, conducting penetration testing, and developing security tools. You will collaborate with development, DevOps, and product teams to integrate security best practices throughout the software development lifecycle. This position requires 5+ years of hands-on experience in security engineering or DevSecOps, expertise in full-stack software security, and proficiency in securing cloud-based systems and CI/CD pipelines. A Bachelor's or Master's degree in a related field is required, and industry certifications are a plus. The role offers a flexible, remote-friendly work environment.

Requirements

• 5+ years of hands-on experience in a security engineering or DevSecOps role, with demonstrated expertise in full-stack software security (back-end, front-end, and DevOps)
• Proficiency in designing and implementing robust security architectures for cloud-based systems, and strong experience in securing CI/CD pipelines
• Experience in intrusion detection, forensic investigation, and leading security incident response
• Strong understanding of security frameworks, principles, and best practices, with a proactive approach to risk management
• Ability to effectively communicate security requirements and concepts to both technical and non-technical stakeholders
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field

Responsibilities

• Design, develop, and implement security architectures and features for both on-chain and off-chain components of the platform, ensuring defense against vulnerabilities and attacks
• Identify and mitigate risks by performing threat modeling, security hardening, and vulnerability assessments across the full tech stack
• Lead incident response efforts, acting as the primary point of contact for security incidents and coordinating with internal and external teams to resolve issues
• Conduct regular penetration testing and forensic investigations, ensuring identified security weaknesses are addressed swiftly
• Develop security tools and automation scripts to enhance the efficiency and effectiveness of our security operations
• Work closely with application development and DevOps teams to integrate security best practices into every stage of the software development lifecycle
• Stay on top of emerging security trends, threats, and technologies, contributing innovative solutions to continuously improve our security posture

Preferred Qualifications

• Expertise in Threat Detection and Response, and Endpoint Security is highly desirable
• Experience with crypto/web3 technologies, including smart contract audits, is highly desirable
• Industry certifications such as CISSP, OSCP, Sec+, or similar are a plus

Benefits

Enjoy a flexible, remote-friendly work environment with opportunities for growth and learning