Senior Security Engineer - Blockchain
About Us
ether.fi is a rapidly growing Ethereum liquid staking protocol where stakeholders retain control of their assets. The company is just a year in with a thriving community and a TVL of $6B+. We are on a broader mission to help onboard the next billion users to crypto. Protocol information can be found here.
Position Overview
Ether.fi is seeking a versatile and hands-on engineer to join our team as our founding security engineer. In this role, you will not only lead the security function but also actively contribute to security operations, ensuring the integrity and resilience of our platform. You will play a pivotal role in building and maintaining a robust security posture while fostering a culture of security awareness and continuous improvement.
Key Responsibilities
•
Hands-on design, development, and implementation of security architectures and features for all software, including the protocol (on-chain and off-chain), ensuring robust protection against attacks and vulnerabilities.
•
Identify and eliminate surface area for attacks and apply hardening across the entire tech stack with a hands on approach
•
Conduct thorough threat modeling and risk assessments to identify potential security issues and implement mitigation strategies.
•
Develop and maintain incident response plans. Act as the primary point of contact for security incidents, coordinating with internal and external stakeholders to mitigate and resolve issues.
•
Conduct regular penetration testing and vulnerability assessments of our platform to identify and address security weaknesses.
•
Develop and implement security tools and automation scripts to enhance the efficiency and effectiveness of our security operations.
•
Work closely with the development, DevOps, and product teams to integrate security best practices into the development lifecycle. Communicate and lead education of security concepts and requirements effectively to technical and non-technical stakeholders.
•
Ensure compliance with relevant security standards, regulations, and best practices. Participate in the development and enforcement of security policies and procedures.
•
Stay on top of latest security trends, threats, and technologies. Contribute to the continuous improvement of our security posture through research and development of innovative security solutions.
Qualifications
•
Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
•
5+ years of hands-on experience in a dev/security operations role, with experience in the crypto/blockchain industry
•
Full stack software engineering experience, ranging across back-end, front-end and devops engineering
•
Understanding of Cloud Platform security and best practices
•
Familiarity with different CI/CD hardening strategies and how to implement them
•
Strong understanding of security principles, practices, and frameworks
•
Demonstrated experience in incident detection, analysis, and response, with proficiency in conducting forensic investigations and digital evidence collection.
•
Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and stakeholders.
•
Experience in performing in-depth security audits of smart contracts would be nice to have.
•
Certificates such as CISSP, OSCP, Sec+ or similar are desirable
Benefits
•
Competitive salary and equity offerings.
•
Opportunity to work with cutting-edge technology and a brilliant team.
•
Health, dental, and vision insurance plans.
•
Collaborative and inclusive work culture.
•
Exciting company events and team-building off-sites.
•
Option to take a part of your salary as ETH
•
Option to get paid in USDC
•
Relocation stipend
$150,000 - $200,000 a year
Broad salary range - will give a more precise number depending on location. We also provide a 15% performance bonus, and a new hire token grant.