• Full Time
  • Distant

Site Phantom

At Phantom, security is core to the product and the reason why millions of people trust Phantom to securely store their crypto assets. As a Security Engineer, you will be responsible for identifying, exploiting and mitigating security vulnerability risks in our software applications, as well as conducting security assessments and investigations. You will work closely with development teams to ensure that security is integrated throughout the software development lifecycle. Join us on our mission to make the digital economy safe and easy to use for everyone.

This role is fully remote; however, we’re only open to candidates based in US and EU time zones. Currently, Phantom cannot support employees from the following countries and continents: Russia, Pakistan, Ukraine, Asia, Oceania, and Africa.

Responsibilities

  • Identify and mitigate security vulnerabilities in code, systems and networks through manual review, automated tools and threat modeling.
  • Responsible for the configuration and tuning of application security tooling, process and alerting.
  • Responding to and validating Bug Bounty submissions.
  • Keep up to date with the latest offensive security techniques, application security threats, and best practices, including recomending improvements to security posture
  • Write detailed reports of your findings and present them to management and technical teams, and help to prevent real-world attacks.
  • Work with development teams to implement secure coding practices.
  • Collaborate with other teams such as development, operations, and compliance to ensure that security is integrated throughout the organization.
  • Participate in incident response and incident management activities.

Qualifications

  • 3+ years of experience in offensive security techniques, with a focus on blockchain technology.
  • Strong understanding of security risks, vulnerabilities and concepts in web and mobile applications.
  • Proficient in code review for Typescript and JavaScript with a strong understanding of application security threats.
  • Write PoC’s to prove vulnerabilities, review and ensure that patch code meets the standards set by the repository owners and maintainers.
  • Strong analytical and problem-solving skills.
  • Good verbal and written communication skills.

Why Work with Us

Opportunity

We are a team of experienced builders with a ton of traction in a big and growing market – our users are so passionate they were hacking their way into our private beta. Only months after launching we’ve acquired millions of users, and are adding hundreds of thousands every week. We are by far the leading wallet on Solana, and plan to expand to other chains soon.

On top of that, there has never been a better time to work in crypto and on wallets in particular.

  • Wallets play a pivotal role: Wallets are responsible for on-boarding new users into crypto, and can make or break the user experience.
  • We are moving to a multi-chain world: New blockchains and scaling solutions are coming online and gaining traction, but are lacking decent wallets and bridges.
  • DeFi & NFTs are exploding : Interest in DeFi and NFTs has exploded, yet they are still an after-thought in existing wallets.

Benefits

  • Competitive salary and equity.
  • Comprehensive insurance (medical/dental/vision) — 100% covered.
  • Stipend for your ideal remote / WFH set-up: laptop, headphones, and any other work gear you may need.
  • Flexible hours and a long-standing, supportive remote environment.
  • Unlimited vacation: Take time when you need it (and we really mean it).
  • 401(k) retirement plan (although we are not matching at this time)
  • Wellness benefit
  • Daily lunch benefit

The target base salary for this role will range between $160,000 to $210,000 with the addition of equity and benefits. This is determined by a few factors including your skillset, prior relevant experience, quality of interviews and market factors (such as location) at the point in time of offer.

Pour postuler à cette offre d’emploi veuillez visiter boards.greenhouse.io.