Senior Security Engineer
Ether.Fi
Software Engineering
Denver, CO, USA
Posted on Tuesday, May 14, 2024
About Us
ether.fi is a rapidly growing Ethereum liquid staking protocol where stakeholders retain control of their assets. The company is just a year in with a thriving community and a TVL of $6B+. We are on a broader mission to help onboard the next billion users to crypto. Protocol information can be found here.
Position Overview
Ether.fi is seeking a versatile and hands-on engineer to join our team as our first security engineer. In this role, you will actively contribute to security operations, ensuring the integrity and resilience of our platform. You will play a pivotal role in building and maintaining a robust security posture while fostering a culture of security awareness and continuous improvement.
Key Responsibilities
- Hands-on design, development, and implementation of security architectures and features
- Identify and eliminate surface area for attacks and apply hardening across the entire tech stack with a hands on approach
- Conduct thorough threat modelling and risk assessments to identify potential security issues and implement mitigation strategies.
- Develop and maintain incident response plans. Act as the primary point of contact for security incidents, coordinating with internal and external stakeholders to mitigate and resolve issues.
- Conduct regular penetration testing and vulnerability assessments of our platform to identify and address security weaknesses.
- Develop and implement security tools and automation scripts to enhance the efficiency and effectiveness of our security operations.
- Work closely with the development, DevOps, and product teams to integrate security best practices into the development lifecycle. Communicate and lead education of security concepts and requirements effectively to technical and non-technical stakeholders.
- Stay on top of latest security trends, threats, and technologies. Contribute to the continuous improvement of our security posture through research and development of innovative security solutions.
Qualifications
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field
- 5+ years of hands-on experience in a dev/security operations role
- Full stack software engineering experience, ranging across back-end, front-end and devops engineering is a nice to have
- Understanding of Cloud Platform security and best practices
- Familiarity with different CI/CD hardening strategies and how to implement them
- Strong understanding of security principles, practices, and frameworks
- Demonstrated experience in incident detection, analysis, and response, with proficiency in conducting forensic investigations and digital evidence collection
- Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and stakeholders
- Experience or interest crypto/web3 and/or performing in-depth security audits of smart contracts would be nice to have
- Certificates such as CISSP, OSCP, Sec+ or similar are desirable
Benefits
- Competitive salary and equity offerings.
- Opportunity to work with cutting-edge technology and a brilliant team.
- Health, dental, and vision insurance plans.
- Collaborative and inclusive work culture.
- Exciting company events and team-building off-sites.
- Option to take a part of your salary as ETH
- Option to get paid in USDC
- Relocation stipend