Paxos

Lead Security Engineer

Paxos
$130K — $180K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Deep knowledge of cloud infrastructure and web2 security practices.
  • Expertise in cybersecurity standards and social engineering defenses.
  • Experience in building full stack applications.
  • Profound understanding of EVM security tooling, testing, and best practices.
  • In-depth knowledge of common hacks and exploits in DeFi protocols.
  • Strong grasp of financial attack vectors in DeFi protocols.
  • Background in CTFs, bug bounties, and white hat activities.

Responsibilities

  • Conduct internal audits of cloud platforms (Azure, AWS) and implement security best practices.
  • Create threat models for first and third party software to identify and patch vulnerabilities.
  • Collaborate with infrastructure engineers to develop tools for detecting and preventing exploits.
  • Develop tooling and standard operating procedures for incident response.
  • Conduct incident response training and simulations for team members.
  • Work with both technical and non-technical staff to secure against non-code attack vectors.
  • Audit smart contracts and establish secure operational practices for their lifecycle.

Benefits

  • Collaborative office environment in New York City.
  • Focus on effective in-person teamwork.
Full Job Description
Who we're looking for

The engineering team at Paxos Labs deploys production software across the web2 and web3 stack, from smart contract protocols, DeFi integrations, and cloud infrastructure to public APIs/SDKs, all of which require a comprehensive security posture. We are looking for a motivated developer who can not only develop but also aptly research and deploy extensive knowledge across TradFi and DeFi to secure mission-critical software.

Most importantly, we are looking for developers whose interests overlap the following areas:
  1. Smart Contract Security
  2. Cloud Security
  3. Operational Security


Responsibilities
Cloud Security
  • Conduct internal audits of Cloud (Azure, AWS) platform security and implement best practices around key management, network security, monitoring, etc.
  • Create threat models for first party and third party software, research possible vulnerabilities and patch them.
  • Collaborate closely with infrastructure engineers to detect, fix, and prevent future exploits by creating reusable tools and processes.
Operational Security
  • Develop tooling and SOPs such as incident response manuals.
  • Conduct periodic incident response training for team members, simulating hacks, alerts, and social engineering vectors.
  • Collaborate closely with both technical and non-technical staff to secure non-code-related attack vectors and protect the weakest link, i.e., the humans involved.
Smart Contract / DeFi Security
  • Collaborate closely with the Smart Contract team to conduct internal audits and to set up secure operational practices for the development and maintenance of smart contract protocols.
  • Build and deploy full stack tools for mitigating exploits and financial risks, such as:
    • Detecting malicious transactions in the mempool and automating pauses across the smart contracts deployed on multiple chains.
    • Defining invariants and detecting violations in real time.
    • Integrating third party security software where necessary.


Qualifications
  • Deep knowledge of cloud infrastructure and web2 security practices.
  • Deep knowledge of cybersecurity standards and social engineering defenses.
  • Experience building full stack applications.
  • Deep knowledge of EVM security tooling, testing, and best practices.
  • Deep knowledge of common hacks and exploits in DeFi protocols.
  • Deep knowledge of financial attack vectors in DeFi protocols.
  • Experience with CTFs, bug bounties, and white hat activities.


Location

We are a heavily in-person team working in New York City. We prize effective in-person collaboration.

Once we receive your application, we'll be in touch if we are interested.

About Paxos

Paxos is a regulated financial institution building infrastructure to enable movement between physical and digital assets. Paxos is the first blockchain company to be granted a charter by the New York State Department of Financial Services. Paxos' mission is to modernize finance by mobilizing assets at the speed of the internet. Paxos is building a future where all assets, from money to commodities to securities, are digitized and can move instantaneously, 24/7. Headquartered in New York, Paxos has offices in London, Singapore and Hong Kong.
Size: 200 employees
Founded: 2012
