Key skills
AWSJavaKubernetesOpen SourceRustGoC++CRisk ManagementPenetration Testing
About this role
Role Overview
- Designing and deploying active fuzzing, black+white box testing and penetration testing infrastructure for open source and production systems
- Performing security audits and review of both internal production systems as well as open source software which interacts with Bitcoin+Lightning in a security critical manner
- Provide mentorship and guidance to level up your teammates
- Creating global security policy, standards, guidelines, and procedures to ensure ongoing maintenance of security
- Overseeing security aspects of software release processes and infrastructure
- Determining security team requirements for future growth
- Developing and ensuring responsiveness of security incident management processes
- Performing risk management assessments
Requirements
- At least 5 years prior experience in systems security
- An ability to work with a high impact, fast-moving startup team
- Extensive knowledge of operating system and computer architecture internals
- Strong understanding of cryptography, protocol design and adversarial analysis
- Experience in reverse engineering and exploiting of cryptographic protocol (cryptocurrencies like Bitcoin) systems
- Extensive expertise with professional software development experience in Go, Rust, C/C++, and/or Java
- Experience in security incident response
- Experience in security code review and vulnerability triaging
- Prior experience running an open source facing bug bounty program
- 2+ years management experience or experience as a senior decision maker
- Experience working with remote teams
- Experience working with Kubernetes and AWS infrastructure
- Working knowledge of fundamental Bitcoin and Lightning design principles
- Candidates with additional experience are welcome to apply as we are open to adjusting the role accordingly.
Tech Stack
- AWS
- Java
- Kubernetes
- Open Source
- Rust
- Go