Senior Application Security Engineer
OpenSea is the first and largest peer-to-peer marketplace for cryptogoods (like an eBay for crypto assets), which include collectibles, gaming items, and other virtual goods backed by a blockchain. On OpenSea, anyone can buy or sell these items through a smart contract. The OpenSea team has backgrounds from Stanford, Palantir, and Google, and is funded by YCombinator, Founders Fund, Coinbase Ventures, 1Confirmation, and Blockchain Capital.
OpenSea is the first and largest marketplace for non-fungible tokens, or NFTs. Applications for NFTs include collectibles, gaming items, domain names, digital art, and many other items backed by a blockchain. OpenSea is an open, inclusive web3 platform, where individuals can come to explore NFTs and connect with each other to purchase and sell NFTs. At OpenSea, we're excited about building a platform that supports a brand new economy based on true digital ownership and are proud to be recognized as Y Combinator's #3 ranked top private company.When hiring candidates, we look for signals that a candidate will thrive in our culture, where we default to trust, embrace feedback, grow rapidly, and love our work. We also know how critical it is to celebrate and support our differences. Employing a team rich in diverse thoughts, experiences and opinions enables our employees, our product and our community to flourish. We are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. To help facilitate this, we support remote, hybrid or onsite work at either New York City, San Francisco or the Silicon Valley for the majority of our opportunities.As we continue to expand our platform, we are seeking a highly experienced and motivated Senior Application Security Engineer with Web3 expertise to join our team. The ideal candidate will be responsible for leading the efforts to ensure the security and integrity of our platform by identifying and mitigating potential threats, as well as maintaining and improving the overall security posture of our applications.
- Lead the development, implementation, and maintenance of secure coding practices for our platform, with a strong focus on Web3 and blockchain technologies
- Conduct advanced security assessments, threat modeling, and code reviews of our applications and smart contracts, providing guidance to the engineering team
- Continuously monitor, identify, and remediate vulnerabilities in our applications and infrastructure, while driving security improvements
- Collaborate closely with cross-functional teams, including developers and product managers, to develop secure applications that adhere to industry best practices and regulatory requirements
- Design and implement advanced security features, such as authentication, authorization, and encryption, to protect sensitive data and user privacy
- Stay ahead of the latest security trends, vulnerabilities, and threat intelligence, as well as emerging technologies in the Web3 and blockchain space, providing recommendations to the team
- Develop and deliver security awareness training for developers and other team members, fostering a security-first mindset across the organization
- Lead incident response efforts and conduct post-mortem analysis to identify root causes and implement measures to prevent future occurrences
- Minimum of 5 years of experience in a related role, such as: security, devops, site reliability engineering, or software engineering
- Familiarity with web application frameworks such as React, Next.js, or Django
- Solid understanding of web3, DAPPs, and smart contract development, preferably with experience in Ethereum or other similar platforms. A nice to have would be Solidity development experience.
- Strong knowledge of web security principles and best practices, including but not limited to OWASP Top Ten, secure coding practices, and encryption
- Experience in analyzing systems and identifying security problems, threat modeling, code auditing, data security, system design, and security reviews.
- Excellent problem-solving skills and the ability to adapt to new challenges in a fast-paced environment
Please let OpenSea know that you found this job on Crypto Jobs List. This helps us get more companies to post crypto jobs here!