Explore Security Offers

Blockchain/Smart Contract Security Engineer

Global /

Security & IT Helpdesk – Security /

Full-time Onsite or Remote

Apply for this job

Binance is the global blockchain company behind the world’s largest digital asset exchange by trading volume and users, serving a greater mission to accelerate cryptocurrency adoption and increase the freedom of money.

Are you looking to be a part of the most influential company in the blockchain industry and contribute to the crypto-currency revolution that is changing the world?

As a blockchain / smart contract security engineer at Binance, you will focus on security of blockchain projects across our Binance Smart Chain (BSC) as well as other chains. It is a unique opportunity to contribute to the field and contribute to the blockchain community. You will work hand-in-hand with various talented workers from Binance on the bleeding-edge of crypto to guard safety across many projects and systems. You will also coordinate with other teams aside from the security group, which could provide you an in-depth understanding of the crypto world mechanism.

To Join Our Team, You should Be Excited To:

• Develop state of the art smart contract security analysis tool.
• Perform security assessment on key projects.

Minimum Qualifications:

• Self-motivated and quick learner.
• Knowledge of the BSC/Ethereum Virtual Machine EVM, blockchain technology, and crypto economic protocols.
• Hands on experience with compiler, parser, and assembler of smart contract bytecode.
• Static analysis and dynamic analysis of bytecode and source code.
• Strong communication and collaboration skills.
• Strong sense of ownership.

Working at Binance

• Do something meaningful; Be a part of the future of finance technology and the no.1 company in the industry

• Fast moving, challenging and unique business problems

• International work environment and flat organisation

• Great career development opportunities in a growing company

• Possibility for relocation and international transfers mid-career

• Competitive salary

• Flexible working hours, Casual work attire

By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice.

Head of Information Security, Philippines

Philippines, Manila /

Security & IT Helpdesk – Security /

Full-time Onsite or Remote

Apply for this job

Binance is the global blockchain company behind the world’s largest digital asset exchange by trading volume and users, serving a greater mission to accelerate cryptocurrency adoption and increase the freedom of money.

Are you looking to be a part of the most influential company in the blockchain industry and contribute to the crypto-currency revolution that is changing the world?

Responsibilities

• Protect Binance Philippines users and keep their funds SAFU
• Build and scale the security team
• Protect a diverse portfolio including platform security, enterprise security, blockchain security, network security, and endpoint security
• Articulate a long term vision for scaling our security operations to enable fast paced growth of the business
• Work closely with our legal and compliance teams on various licensing and regulation efforts.

Requirements

• You have at least 10 years of experience in Cyber security and at least 5 years leading and managing a team
• You have experience with security industry standards and data protection regulations including PDPL (Personal Data Protection Law of Philippines), ISO 27001, PCI, SOC2
• Strong academic background in Cybersecurity and certification in both CISSP and CISA
• You have experience collaborating with different business units to enable business growth while maintaining a high level of security
• You have a passion for the crypto space with a deep understanding of the ecosystem and players
• You have experience implementing the zero trust framework in a distributed working environment
• You’re familiar with current trends and best practices in security.

Working at Binance

• Do something meaningful; Be a part of the future of finance technology and the no.1 company in the industry

• Fast moving, challenging and unique business problems

• International work environment and flat organisation

• Great career development opportunities in a growing company

• Possibility for relocation and international transfers mid-career

• Competitive salary

• Flexible working hours, Casual work attire

By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice.

The Aave Companies (“Aave”) is focused on innovation in Web3 and has cultivated a thriving, collaborative culture. Valuing expertise and dedication, the Aave fam is welcoming, passionate, and eager to build great products. We celebrate differences and seek to recruit, develop, and retain the most talented people from a diverse candidate pool...and we are hiring!

As CISO, you will have a clear vision and strategy for Aave’s information and security operations. They will promote continuous improvement, innovation, and agility in service delivery, whilst collaborating with colleagues across the global business – including our regulated electronic money institution (“EMI”) in the UK.

As the CISO, you will be responsible for overseeing a wide range of technical and security controls; and leading an ongoing program of improvement in response to changing security threats and risk.

The role requires a thorough understanding of the technology underpinning our systems, as well as broad and up-to-date knowledge of information security frameworks; applicable legislation and regulation (UK, EU, US); vulnerability management; incident management and response; secure development techniques; cyber security engineering and operations; and the management and governance of cyber risks and security.

Ideal candidate profile:

• Performed a similar role in a distributed (remote) and cloud-driven organisation.
• Established and led a progressive information security function including IT infrastructure, application development, and service delivery.
• Strong information and cyber security background along with relevant formal qualifications.
• Strategic and lateral thinker with exceptional leadership credentials and a sophisticated approach to stakeholder and supplier management.
• Proven experience in managing and delivering information and security improvements across a global organisation whilst managing budgets and resources.
• Experienced in leading, developing, and motivating a team of information and data subject matter experts.

Key responsibilities:

• Define, develop, and maintain an Information and Cyber Security Framework across Aave in line with relevant legislation, regulation, and industry standards as applicable.
• Define, build, and maintain the required culture, plans, policies, procedures, systems, controls, reporting mechanisms, and assurance framework.
• Ensure the efficacy of the IT service delivery lifecycle including Security Operations, Security Architecture, and Security Assurance.
• Provide leadership and oversight of effective information and cyber security risk management in conjunction with the Risk team.
• Provide advice and direction to the business in respect of information and cyber security practices and operational processes.
• Work with internal stakeholders to ensure that planned changes to technologies, working practices, and business activities are managed appropriately and within the accepted risk profile.
• Ensure that information and cyber security risks presented through suppliers and delivery partners are identified and effectively managed.
• Drive and deliver change to information and security systems, processes, and procedures.
• Represent the business by engaging in appropriate external networks to ensure Aave can meet and respond to new information and security challenges and threats.
• Direct and/or assist with investigations into information security breaches.

Knowledge and skills:

• Excellent understanding of the following:
• Best practice within Information Security and risk management including standards such as ISO/IEC 27001, NIST-CSF, CIS-20CSC, and CObIT.
• Legislation, regulation, and accepted best practice that impact information Security e.g., Data Protection Act (2018), Freedom of Information Act, and PCI DSS4.0.
• Current and emerging threats and countermeasures impacting the ecosystem.
• Security technologies and wider business solutions including identity and access management, Security Incident and Event Management (SIEM) and Security Operation Centre (SOC), remote working, and cloud-first technologies.
• Collaborative leader with strategic acumen and problem-solving skills, able to inspire and motivate colleagues.
• Ability to think and plan strategically and systematically while recognising the need to deliver to the business requirements.
• Ability to work within a regulatory framework and to articulate its potential as a tool for continuous improvement across the wider organisation.
• Experience of conducting penetration tests and/or managing a third-party audit firm.

Qualifications:

• One or more of the following qualifications are essential:
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified Information systems Auditor (CISA)
• One or more of the following qualifications are desirable:
• MSc Information Security
• Achieved Senior or Lead level certification in the NCSC’s Certified Cyber Professional scheme in one or more of Security and Information Risk Advisor (SIRA), IA Architect, IA Auditor, IT Security Officer
• Full membership of the Institute of Information Security Professionals.
• AWS Certified Security – Specialty or Google Professional Cloud Security Engineer.

Benefits:

• A vibrant collaborative and fully serviced workspace in Notting Hill
• Innovation-driven working environment
• Daily lunch and snacks in the office
• Team socials
• Contributory pension scheme
• Private health care
• Private dental care
• 25 days holiday
• Equinox gym membership
• Front seat position working with decentralised financial technologies

Aave focuses on Technology, Blockchains, Fin Tech, and Web3. Their company has offices in London. They have a mid-size team that's between 51-200 employees.

You can view their website at https://www.aave.com or find them on Twitter.

We’re Coinbase. We’re the world’s most trusted way to join the crypto revolution, serving more than 89 million accounts in more than 100 countries. 

Our mission is to increase economic freedom around the world, and we couldn’t do this without hiring the best people. We’re a group of hard-working overachievers who are deeply focused on building the future of finance and Web 3.0 for our users across the globe, whether they’re trading, storing, staking or using crypto. Know those people who always lead the group project? That’s us.

There are a few things we look for across all hires we make at Coinbase, regardless of role or team. First, we look for candidates who will thrive in a culture like ours, where we default to trust, embrace feedback, and disrupt ourselves. Second, we expect all employees to commit to our mission-focused approach to our work. Finally, we seek people who are excited to learn about and live crypto, because those are the folks who enjoy the intense moments in our sprint and recharge work culture. We’re a remote-first company looking to hire the absolute best talent all over the world.

Ready to #LiveCrypto? Who you are:

• You’ve got positive energy. You’re optimistic about the future and determined to get there. 
• You’re never tired of learning. You want to be a pro in bleeding edge tech like DeFi, NFTs, DAOs, and Web 3.0. 
• You appreciate direct communication. You’re both an active communicator and an eager listener - because let’s face it, you can’t have one without the other. You’re cool with candid feedback and see every setback as an opportunity to grow.
• You can pivot on the fly. Crypto is constantly evolving, so our priorities do, too. What you worked on last month may not be what you work on today, and that excites you. You’re not looking for a boring job.
• You have a “can do” attitude. Our teams create high-quality work on quick timelines. Owning a problem doesn’t scare you, but rather empowers you to take 100% responsibility for achieving our mission.
• You want to be part of a winning team. We’re stronger together, and you’re a person who embraces being pushed out of your comfort zone.

The Security Engineering Key Orchestration team plays a critical part in ensuring Coinbase securely manages digital assets. This team builds services to automate the configuration and coordination of services relating to digital asset infrastructure.

As the Engineering Manager, you will play a critical role in force multiplying the effectiveness of the engineering team. You will enable your team to build a high-performance user friendly platform that makes interacting with digital asset infrastructure easy to manage for Engineering, Security and Product teams. Your team will be responsible for building the platform helping secure the digital asset infrastructure. 

What you’ll be doing (i.e. job duties): 

• Coach engineers on your team and help them find fulfilling growth paths.
• Enable your team to ship critical projects relating to digital asset infrastructure. 
• Enable your team to break down sophisticated projects into smaller pieces and iterate on their design and implementation.
• Work with the talent team to build your team.
• Create a positive energy work environment where engineers from all backgrounds can do their best work. 
• Setting and maintaining Service Level Agreements, Reliability metrics and on-call rotations for the systems the team owns. 
• Work closely with Security, Engineering and Product across Coinbase to create strategies for improving the way customers interact with digital asset infrastructure. 
• Project and capacity planning. 

What we look for in you:

• Multiple, real world examples of successes and failures as a Manager, and be ready to share what you learned. 
• Experience attracting, retaining and developing phenomenal talent on your team.
• Experience working on engineering teams that service other engineering teams. 
• Strong written and verbal communicator, and an even better listener. 
• Proven ability to coach your team through in managing ambiguity, holding themselves accountable and building what customers want. 
• Experience enabling a team to ship complex and multi-quarter projects successfully.
• Experience working in a critical path software environment.

Nice to haves:

• Familiarity with working in rapid growth environments
• Experience in working in a hardware and software environment with physical inventory management dependencies
• Experience in Golang, object-oriented programming languages and Docker
• Strong opinions on key management software design
• Experience being a risk manager
• Experience working in a highly regulated environment

GP2275

#LI-Remote

Please note that for employees based in the US, Philippines, Canada or Singapore, if your role requires you to be present in a Coinbase office or if you choose to be physically present in a Coinbase office or sponsored location, you will be required to be fully vaccinated from COVID-19 (as defined by applicable law).  If you receive an offer, you will receive additional information about the grounds and process for an exemption.

Commitment to Equal Opportunity

Coinbase is committed to diversity in its workforce and is proud to be an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law.  For US applicants, you may view Pay Transparency, Employee Rights and Equal Employment Opportunity is the Law notices by clicking on their corresponding links.  Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law.    

Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to accommodations[at]coinbase.com and let us know the nature of your request and your contact information.  For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).

Global Data Privacy Notice for Job Candidates and Applicants

Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required.

Blockdaemon is looking for a talented Security Engineer who thrives on ambiguity and loves endless discovery. You will work with teams across the organization to identify, prioritize, and remediate vulnerabilities relevant to Blockdaemon’s infrastructure. You will build and maintain security tooling and services to support the expanding needs of our Security organization while using the widest array of technologies and working with bleeding edge applications. 

Position Overview:

• Assess, design, implement, automate, and document security solutions and processes for K8s, Public and Private Cloud environments, SaaS applications and other cloud platforms
• Implement and tune detection logic for threats specific to Blockdaemon
• Work closely with observability engineers to address any gaps in observability
• Work with platform engineers on secure best practices in Infrastructure as Code, cloud design patterns and CI/CD with built in application security controls
• Work on key areas to develop baseline cloud, container, and application security standards and integrate into the CI/CD pipeline
• Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements
• Implement "security as code" using cloud services Terraform, and CI/CD components
• Respond to and, when appropriate, resolve or escalate security incidents
• Develop and maintain documentation for security systems and procedures
• Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures

Required Experience:

• Minimum 4 years of experience as a Security Engineer or equivalent working experience
• Significant technical experience in Cloud Computing technologies and automation
• Ability to break down complex problems and implement custom solutions or scripts beyond just basics to demonstrate thoroughness of problem solving and automated security
• Experience in DevOps environments working with and influencing developers to maintain security through CI/CD processes.
• Experience working with container technologies including Docker and Kubernetes
• Experience with the development, deployment, and automation of security solutions in an enterprise cloud-based environment
• Knowledge of network based, system level, and application layer attacks and mitigation methods
• Experience with or understanding of a broad range of security technologies including IDS/IPS, IAM, Certificate Management, etc.
• Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
• An understanding of identity federation, authentication, and authorization (SAML, OIDC, OAuth)

Anonym is an early-stage, venture backed company building foundational technologies to enable the $500B+ digital advertising industry to truly embrace privacy. Our vision is to rebuild trust in the free, open internet by ensuring people’s data is used in ways that meet their expectations while also enabling performant advertising. To achieve this vision, and put privacy and consumer empowerment at the core, we believe the advertising ecosystem of the future can and should embrace web3 concepts including decentralization, cryptography, transparency and open governance. The company was founded in 2022 by industry veterans with a combined 50 years of experience across product development, digital analytics and marketing.

Anonym is seeking a senior security engineer. Our ideal candidate has:

• Education: bachelor’s in engineering
• 7+ years of experience in software engineering
• 1+ years of experience in securing cloud solutions
• Demonstrated knowledge of current best security practices in cloud solutions
• Strong coding skills in one or more popular languages and platforms
• Strong interpersonal skills
• Experience in a threat intelligence, reverse engineering, or related role

Preferred qualifications:

• Education: masters/PhD in computer science or applied math with the focus on security algorithms/techniques
• 3+ years of working with clouds and securing production services
• Ability to represent the company from security perspective
• Deep understanding of security vulnerabilities and attacks in hardware, software, network, and people

Benefits:

• Competitive salary and pre-IPO stock options
• 100% company-paid medical, dental and vision insurance
• Optional HSA and FSA medical reimbursement accounts

What we're looking for…

We are looking for an engineer that can contribute toward the design, implementation and optimization of the security of our infrastructure and cloud environments.

A security engineer who would work within an agile team of engineers delivering highly resilient, scalable, automated, and performant infrastructure. Our team values pragmatic, maintainable, and conscientious solutions which leave work in a better shape than how it was found.

As a Cloud/Infra Security Engineer you will…

Help us solving hard security problems in areas like:

• Supply-Chain Security
• Work on our Third-party dependency review policy as well as on tooling and best practices around third-party dependencies
• Vulnerability Management Response and related tooling and best practices when vulnerabilities get identified/released somewhere in our stack or dependencies.
• Decentralized Trust
• We strongly believe tomorrow’s internet is being built today, and we want to help build a secure, decentralized internet, where you never need to trust anybody
• Zero Trust Architecture
• Automated infrastructure
• We strongly believe that the more our infrastructure is automated, the easier it is to manage from all points of view, including the security angle.
• Hardware security modules
• When working with cryptographic keys, as we often need to, it is essential to make sure we’re making an attacker’s job as difficult as possible, relying on HSMs, TPMs, and TEEs, we believe we can enhance our architecture and improve our defense in depth.

Typically, this could mean:

• Proactively introduce new controls into our infrastructure that enhance our security posture.
• Identify the areas and components whose security needs improvement and help our teams perform proper threat modelling and assess which measures should be taken to harden these further.
• Help us automate and contribute to, or develop, open-source tools to improve our security posture.
• Identify security gaps and bring new processes or solutions to fix these.
• Collaborate closely with our Application Security, Red Team
• Be a security advocate within Protocol Labs.

You may be a fit for this role if you have…

• Strong threat modeling skills, demonstrable experience in security engineering
• Good understanding of the DevOps philosophy and experience with GitOps
• Know how to build, test, run, and secure Docker containers using orchestration platforms (such as Kubernetes).
• Excellent written and verbal communication skills on both technical and non-technical issues
• A keen awareness of teamwork, process, and patterns of successful collaboration.
• A will to challenge the status quo and bring the changes we need.

Added benefits…

• Have the chance to help us shape our new NetOps Security Squad team as you’d like it to be!
• Good budget for formation and conference, no questions asked: you’re our expert, you know best which are valuable for you to become better at what you do.

We're looking for a senior software engineer who is familiar with Typescript; someone who wants to work in an early stage start-up and is motivated at the prospect of working on a wide range of security-adjacent technical challenges. You're a strong problem solver who loves to learn — we're not experts in everything and we don't expect you to be either. 

Our team focuses on addressing actual business continuity risks without compromising developers productivity — we are not compliance-oriented and are not driven by traditional security certifications. You would fit very well if you are an experienced delivery-oriented generalist who likes learning new technologies and thinking from the first principles.

You will work closely with our Security Lead to improve smart contact security across the company. You will be creating software development lifecycle automations; fetching, processing and visualizing on-chain insights, integrating with various APIs; developing interfaces and security alerting for internal teams. You will be evaluating various security tools, developing Github actions for our CI/CD flows and improving our inventorization system (we are using Backstage).

You don’t need to be a designer but you know what a good UX is and know how to put a few React MUI components neatly together. You don’t have to have prior security or blockchain experience — you will be working with the experts who will support you and your excellent software engineering background will be a great foundation to grow in this space.

This position provides room to grow and work at the Staff level of seniority: we are working horizontally across all development teams in the company, driving the technical governance for smart contracts and collaborating with a wide range of vendors and partners. Most of our work is open source and there is an opportunity to add value to and influence the wider blockchain community.

Qualifications

• Excellent Typescript coding skills
• Proficiency in at least one of systems programming languages, Linux and Docker
• Experience in maintaining complex multi-component products (Indexers, Queues, Alerting) in distributed teams
• Strong spoken and written English
• Ability to join the team calls during European working hours
• Ability to join an on-call schedule

Nice to have

• Understanding of Blockchain development ecosystem and best practices (e.g. Hardhat, Truffle, Foundry, etc)
• Understanding of Rust development ecosystem and best practices
• Experience working with Solidity or Rust
• Experience automating CI/CD pipelines at scale
• Technical leadership experience

Responsibilities

• Extend and maintain security-related Github Actions and shared Github Workflows for our smart contract teams across Solidity and Rust code bases
• Evaluate and integrate security-related tools and services
• Create and maintain Github template repositories for smart contracts
• Enforce code signing, code reviews and other developer flows
• Extend and maintain our smart contract inventorization system (Backstage)
• Ingest and visualize security-relevant on-chain state
• Implement alerting pipelines for anomaly detection and access management-related on-chain events
• Formalize and automate metadata management for security audits
• Create and maintain integration with other infrastructure components (Cloud, Grafana, CI)
• Implement security-relevant developer flows
• Work in a fully distributed security team
• Provide input and autonomously execute on security strategy
• Design and be responsible for various software components end-to-end
• Drive technical excellence: set the bar for code quality and mentor more junior developers
• Participate in an on-call rotation for serious security incidents

Blockdaemon is looking for a talented GRC Lead Analyst that is an innovative thinker who is excited to help scale one of the largest decentralized blockchain infrastructure platforms in the world. You will lead and grow a team that will ensure appropriate security controls and compliance requirements are implemented across Blockdaemon’s systems. Working in tandem with our Security, SRE, IT and DevOps teams to drive security audits and lead key efforts around security posture. 

Position Overview:

• Lead evidence collection and documentation for known policy frameworks such as:
• ISO27001
• SOC 2 Type 2
• PCI/DSS
• GDPR, CCPA
• Work with Security, SRE, IT and DevOps to identify processes, procedures, guidelines and frameworks
• Continuously monitor for controls and gaps within processes and technology configurations to identify gaps between company processes and frameworks 
• Generate,  innovate, and maintain policies used by the organization
• Educate staff on compliant practices and processes
• Conduct risk assessments against products, features, datasets, applications, and third party vendors
• Support vendor due-diligence process and help lead third party risk management program
• Participate in disaster recovery and business continuity planning
• Conduct gap assessments to validate compliance on an ongoing basis
• Stay up to date on regulatory concerns and changing security landscape and information technology

Required Experience:

• 5+ years in supporting compliance, risk, security, and IT operations
• Experience developing, championing and managing internal compliance programs
• Familiarity with multiple technology backbones and related supporting infrastructure
• Excellent knowledge of Data Privacy (i.e. GDPR, CCPA) and implementing data protection controls
• Experience managing processes and programs leveraging Security frameworks (i.e. NIST, ISO) and Security Management frameworks (i.e. ISO27001, SOC 2)
• Familiarity with Atlassian Suite and Confluence
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
• Ability and willingness to work in a rapidly evolving regulatory environment
• Comfort of working in a fully remote environment