Вакансия Senior Security Engineer/Architect

Skills

• Web3
• Kubernetes
• AWS
• GCP
• IAM
• RBAC
• MFA
• OAuth2
• SSO
• SIEM
• SAST
• DAST
• IaC

Описание вакансии

We seek a highly skilled Security Engineer/Architect to design, implement, and maintain a robust security infrastructure for our EVM blockchain. The ideal candidate will ensure the safety of all system layers, from access control to blockchain integration, decentralized communication, validation processes, and advanced cryptographic methods.

Requirements

• 5+ years in security engineering, with hands-on experience in DevSecOps and, preferably, Web3;
• Deep understanding of blockchain technologies and integration methods.
• Solid understanding of containerized infrastructure, Kubernetes
• Proven experience working with cloud platforms (AWS, GCP, any experience with bare metal infrastructure will be a huge plus);
• Deep understanding of security principles, such as least privilege, defense in depth, secure defaults, and trust boundaries;
• Strong knowledge of network security (e.g., TLS, VPNs, firewall rules, intrusion detection);
• Familiarity with common vulnerabilities and exploit patterns (e.g., SQLi, XSS, CSRF, SSRF, RCE);
• Understanding of encryption fundamentals (symmetric/asymmetric cryptography, key rotation, secure storage);
• Practical experience with identity and access management (IAM, RBAC, MFA, OAuth2, SSO);
• Proven track record securing production infrastructure (and SDLC as a whole). This also includes implementation and maintenance of the following:
• SIEM platforms;
• SAST/DAST tools;
• Infrastructure as Code (IaC) security scanning tools;
• Secrets management (any experience with highly secure HSM stores will be highly appreciated);

Would be a plus

• Expertise in blockchain solutions, VMs, and smart contracts, any prior Solidity experience will be a huge plus;
• Experience with high-performance transaction systems and distributed systems.
• Strong knowledge of microservices patterns, API design, and message brokers (e.g., RabbitMQ, Kafka).
• Familiarity with security policies and standards (e.g., NIST, ISO27001, CIS Benchmarks);
• Experience conducting or preparing for security audits or compliance assessments (SOC2, GDPR, etc.);
• Creating and maintaining playbooks for security incidents, access reviews, and response procedures;

Responsibilities

• Own and maintain internal security tooling (e.g., scanners, linters, alerting systems);
• Design, configure, and maintain security controls across infrastructure (firewalls, IAM policies, network segmentation);
• Continuously update threat models based on real usage and emerging attack patterns;
• Own access control systems for internal and on-chain resources (e.g., multisig ops, key custody, signer policies);
• Perform static and dynamic analysis of codebases, including integrating SAST/DAST tools into CI/CD;
• Stay up to date with emerging vulnerabilities, test their impact on internal systems, and patch proactively;
• Drive the integration of inner account ecosystem projects, ensuring smooth operation;
• Work with DevOps and other product teams to secure cloud and containerized infrastructure;
• Participate in optimization of the platform’s performance, reliability, and fault-tolerance capabilities;
• Act as a technical advisor, mentoring development teams and ensuring architectural consistency.
• Participate in design and implementation of secure architecture across all blockchain layers (Execution, Consensus, etc.);
• Manage security procedures for all core and periphery blockchain tools (explorer, validator portal, etc.);