Remote Senior Security Engineer

Summary

The job description is for a Senior Security Engineer role at Magic, a company focused on simplifying onboarding of mainstream users into the Web3 ecosystem. The role involves securing SDLC, leading vulnerability management program, collaborating with engineering teams, managing external bug bounty program, supporting compliance standards, building a security mindset across the organization, participating in 24/7 on-call and security incidents, and more.

Requirements

• 6+ years of security engineering or software security experience in either frontend or backend environments
• Experience with programming and scripting languages such as Python, Golang, or TypeScript
• Excellent Incident Management skills to navigate and lead incidents adeptly to ensure platform uptime

Responsibilities

• Contribute to further securing our SDLC, to include secure coding practices, CI/CD pipelines, and regression tests
• Lead and grow our vulnerability management program, which spans across our cloud infrastructure (AWS) and endpoint machines (macOS)
• Collaborate with Engineering teams to harden our frontend and backend systems (Next.js, Typescript, AWS, Python)
• Foster your extensive experience securing a cloud microservices platform like Kubernetes, including ingress/egress, and container communication
• Manage our external bug bounty program and be able to technically contribute to mitigations
• Support compliance standards like NIST, ISO 27001, SOC 2 Type 2, and GDPR
• Build a security mindset across the organization by providing security guidance and best practices
• Take a holistic approach towards security, ensuring coverage from code quality up and out to our edge services including Cloudflare and Vercel
• Participate in 24/7 on-call and security incidents, acting as Incident Manager

Preferred Qualifications

• Have previously built or managed a SIEM like OpenSearch or Splunk
• Built out modular authentication flows including WebAuthn OAuth
• Experience with Web3 protocol or smart contract security auditing

Benefits

• Fully remote team and flexible working hours
• Competitive salary and stock options
• Unlimited paid time off
• Health, Vision, Dental, Disability, and Life Insurance
• 401(k) program
• Top of the line equipment
• $300 monthly budget for home office needs and professional development
• Annual team meetups
• Salary Range: $170K-$210K