Senior/Staff Security Engineer

Summary

Join Ethena Labs, a crypto-based synthetic dollar protocol company, as a Senior/Staff Security Engineer. You will play a crucial role in securing our platform's on-chain and off-chain components. Responsibilities include designing and implementing security architectures, mitigating risks, leading incident responses, conducting penetration testing, and developing security tools. The ideal candidate possesses 7+ years of experience in security engineering or DevSecOps, expertise in full-stack software security, and strong cloud security skills. This remote-friendly role offers opportunities for growth and learning within a collaborative and innovative team.

Requirements

• 7+ years of hands-on experience in a security engineering or DevSecOps role, with demonstrated expertise in full-stack software security (back-end, front-end, and DevOps)
• Proficiency in designing and implementing robust security architectures for cloud-based systems, and strong experience in securing CI/CD pipelines
• Ability to write clean, modular, and testable code
• Knowledge of design patterns and object-oriented programming concepts such as SOLID principles
• Experience in incident detection, forensic investigations, and leading security incident response
• Strong understanding of security frameworks, principles, and best practices, with a proactive approach to risk management
• Ability to effectively communicate security requirements and concepts to both technical and non-technical stakeholders
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field

Responsibilities

• Design, develop, and implement security architectures and features for both on-chain and off-chain components of the platform, ensuring defense against vulnerabilities and attacks
• Identify and mitigate risks by performing threat modeling, security hardening, and vulnerability assessments across the full tech stack
• Lead incident response efforts, acting as the primary point of contact for security incidents and coordinating with internal and external teams to resolve issues
• Conduct regular penetration testing and forensic investigations, ensuring identified security weaknesses are addressed swiftly
• Develop security tools and automation scripts to enhance the efficiency and effectiveness of our security operations
• Work closely with development and DevOps teams to integrate security best practices into every stage of the software development lifecycle
• Stay on top of emerging security trends, threats, and technologies, contributing innovative solutions to continuously improve our security posture

Preferred Qualifications

• Experience building crypto custody solutions, utilising HSMs, multisig, and MPC architectures, is a strong plus
• Industry certifications such as CISSP, OSCP, Sec+, or similar are a plus

Benefits

• Flexible, remote-friendly work environment
• Opportunities for growth and learning