Senior Application Security Engineer- Crypto and Onchain
United States
Full Time Senior-level / Expert USD 135K - 203K
Our Krakenites are a world-class team with crypto conviction, united by our desire to discover and unlock the potential of crypto and blockchain technology.
What makes us different?
Kraken is a mission-focused company rooted in crypto values. As a Krakenite, you’ll join us on our mission to accelerate the global adoption of crypto, so that everyone can achieve financial freedom and inclusion. For over a decade, Kraken’s focus on our mission and crypto ethos has attracted many of the most talented crypto experts in the world.
Before you apply, please read the Kraken Culture page to learn more about our internal culture, values, and mission.
As a fully remote company, we have Krakenites in 70+ countries who speak over 50 languages. Krakenites are industry pioneers who develop premium crypto products for experienced traders, institutions, and newcomers to the space. Kraken is committed to industry-leading security, crypto education, and world-class client support through our products like Kraken Pro, Kraken NFT, and Kraken Futures.
Become a Krakenite and build the future of crypto!
Proof of WorkThe Team
Kraken’s world-class security team is growing. As we continue to grow and mature our on-chain presence, we need someone with a strong Web3 security background to help build our program and tooling for enterprise scale.
This role will be reporting through Kraken’s Application Security function. You will have the benefit of partnering with domain experts in our existing stack and enterprise software tooling while still having the opportunity to come up with creative solutions in the emergent field of Web3 Security.
We are leaders in the Security space. You will be partnering with peers who have submitted critical bug reports to some of the biggest names in both Web2 and Web3 as part of our regular campaigns and research. Kraken is a founding member of several new Web3 standards organizations and you will also have the chance to make a lasting impact on the industry as a whole.
The ideal candidate will be comfortable working across a variety of teams, including Application Security, Red Team, and Cloud Security to help make informed decisions.
This is a fully remote role.
The Opportunity
Mature and develop our on-chain security program including:
Performing smart contract review through automated and manual means
Assisting with risk analysis for listing new tokens and NFT collections
Developing strong recommendations for crypto node infrastructure across a variety of different platforms and architecture
Creating incident response simulations in order to improve our ability to detect, respond, and recover
Contributing to industry working groups dedicated to Web3 security
Performing expert-level testing of systems, networks, applications, people and processes
Adapting existing security tools and proven methodologies to the on-chain paradigm
Researching cutting edge attack techniques and developing innovative ways to detect them at scale
Working collaboratively and independently on unique assignments which may require specialized knowledge and/or experience
Accurately and reliably communicating risk to stakeholders
Complying with Company, Division and Professional ethical standards
Skills you should HODL
2+ years of security experience
Hands-on knowledge of EVM chains, especially Ethereum-based L2s
Experience working with Solidity (Rust and Go are nice to have)
Experience with security tooling, such as Slither, Foundry, or Hardhat
The ability to communicate highly technical security findings to a variety of audiences (written and verbal)
Experience in creating public-facing technical writing and documentation
Demonstrating a receptive mindset, adept at engaging in constructive dialogue on complex subjects with colleagues, while remaining adaptable and open to alternative perspectives
Nice to Haves
Experience with advanced testing techniques such as fuzz testing
Published tools, blogs, or smart contract audits
Understanding of zero-knowledge and validity proofs
Familiarity with traditional application security SAST, DAST, and SCA tools such as Semgrep, Burp Suite or Snyk
#LI-Remote #LI-DA1 #USCANUKEU
Kraken is powered by people from around the world and we celebrate all Krakenites for their diverse talents, backgrounds, contributions and unique perspectives. We hire strictly based on merit, meaning we seek out the candidates with the right abilities, knowledge, and skills considered the most suitable for the job. We encourage you to apply for roles where you don't fully meet the listed requirements, especially if you're passionate or knowledgable about crypto!
As an equal opportunity employer, we don’t tolerate discrimination or harassment of any kind. Whether that’s based on race, ethnicity, age, gender identity, citizenship, religion, sexual orientation, disability, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws.
Stay in the know
Tags: Application security Audits Blockchain Burp Suite Cloud Crypto DAST Incident response Red team Risk analysis Rust SAST
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs