Senior Application Security Engineer

OpenSea is the first and largest marketplace for non-fungible tokens, or NFTs. Applications for NFTs include collectibles, gaming items, domain names, digital art, and many other items backed by a blockchain. OpenSea is an open, inclusive web3 platform, where individuals can come to explore NFTs and connect with each other to purchase and sell NFTs. At OpenSea, we're excited about building a platform that supports a brand new economy based on true digital ownership and are proud to be recognized as Y Combinator's #3 ranked top private company.When hiring candidates, we look for signals that a candidate will thrive in our culture, where we default to trust, embrace feedback, grow rapidly, and love our work. We also know how critical it is to celebrate and support our differences. Employing a team rich in diverse thoughts, experiences and opinions enables our employees, our product and our community to flourish. We are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. To help facilitate this, we support remote, hybrid or onsite work at either New York City, San Francisco or the Silicon Valley for the majority of our opportunities.As we continue to expand our platform, we are seeking a highly experienced and motivated Senior Application Security Engineer with Web3 expertise to join our team. The ideal candidate will be responsible for leading the efforts to ensure the security and integrity of our platform by identifying and mitigating potential threats, as well as maintaining and improving the overall security posture of our applications.

Responsibilities

• Lead the development, implementation, and maintenance of secure coding practices for our platform, with a strong focus on Web3 and blockchain technologies
• Conduct advanced security assessments, threat modeling, and code reviews of our applications and smart contracts, providing guidance to the engineering team
• Continuously monitor, identify, and remediate vulnerabilities in our applications and infrastructure, while driving security improvements
• Collaborate closely with cross-functional teams, including developers and product managers, to develop secure applications that adhere to industry best practices and regulatory requirements
• Design and implement advanced security features, such as authentication, authorization, and encryption, to protect sensitive data and user privacy
• Stay ahead of the latest security trends, vulnerabilities, and threat intelligence, as well as emerging technologies in the Web3 and blockchain space, providing recommendations to the team
• Develop and deliver security awareness training for developers and other team members, fostering a security-first mindset across the organization
• Lead incident response efforts and conduct post-mortem analysis to identify root causes and implement measures to prevent future occurrences

Desired Experience

• Minimum of 5 years of experience in a related role, such as: security, devops, site reliability engineering, or software engineering
• Proficient in one or more programming languages, such as Python, JavaScript, Typescript, or Golang.
• Familiarity with web application frameworks such as React, Next.js, or Django
• Solid understanding of web3, DAPPs, and smart contract development, preferably with experience in Ethereum or other similar platforms. A nice to have would be Solidity development experience.
• Strong knowledge of web security principles and best practices, including but not limited to OWASP Top Ten, secure coding practices, and encryption
• Experience in analyzing systems and identifying security problems, threat modeling, code auditing, data security, system design, and security reviews.
• Excellent problem-solving skills and the ability to adapt to new challenges in a fast-paced environment

If you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone who is excited to join the team.The base salary for this full-time position, which spans across multiple internal levels depending on qualifications, ranges between  $170,000 - $285,000 plus benefits & equity.#LI-Remote

Listed in: Crypto Jobs, Remote Web3 Jobs, Devops Web3 Jobs, Community Crypto Jobs, Security Web3 Jobs, Full Time Crypto Jobs, Developer Crypto Jobs, Engineering Crypto Jobs, Web3 Crypto Jobs, Golang Crypto Jobs, React Web3 Jobs, Python Web3 Jobs, Senior Web3 Jobs, JavaScript Web3 Jobs, TypeScript Crypto Jobs, Data Web3 Jobs, Solidity Web3 Jobs, Sre Web3 Jobs, Ethereum Crypto Jobs.