Uniswap LabsRemote
Senior Application Security Engineer
United States
Full-time
1 week ago
$230,000 - $255,000 USD
H1B Sponsor Likely
Key skills
Application SecurityThreat ModelingSecurity Testing ToolsProgramming LanguagesCloud EnvironmentsDevSecOps PracticesIAM StandardsSecurity CertificationsCrypto KnowledgeCommunication SkillsCollaboration SkillsJavaScriptPythonJavaAWSGCPKubernetesDockerIAMOAuthSAMLDeFiSDLCCommunicationOWASP
About this role
Uniswap Labs is a core contributor to the Uniswap Protocol, the world’s largest DEX. They are seeking a Senior Application Security Engineer to enhance the security of their products and infrastructure, working across teams to embed security practices and mentor engineers.
Responsibilities:
- Partner with engineering and product teams to design and build secure systems across web, mobile, and backend environments
- Lead threat modeling, code reviews, and vulnerability assessments to identify and mitigate risks early in the SDLC
- Define and evolve secure development practices, including tooling, automation, and developer education
- Investigate and respond to application security incidents, drive root cause analysis, and implement long-term preventive measures
- Evaluate new security technologies and approaches to continuously raise the bar for application and protocol security
- Mentor engineers and foster a culture of security awareness and shared responsibility
Requirements:
- Bachelor's or Master's degree in Computer Science, Engineering, or a related field
- 5+ years of experience in application security or related fields, ideally with experience in fast-moving or high-impact environments
- Strong understanding of web, mobile, and cryptographic security fundamentals (e.g. OWASP Top Ten, SANS/CWE Top 25)
- Hands-on experience with security testing tools and methodologies (static/dynamic analysis, pen testing, etc.)
- Proficiency in programming and scripting languages (Java, Javascript, Python preferred)
- Experience with cloud and containerized environments (AWS, GCP, Docker, Kubernetes)
- Excellent communication skills and the ability to influence and collaborate across teams
- Familiarity with crypto or DeFi systems and their unique security challenges
- Experience with DevSecOps practices and automation
- Knowledge of IAM and authentication standards (OAuth, SAML) or compliance frameworks (GDPR, PCI-DSS)
- Relevant certifications (CISSP, OSCP, CSSLP)
- Love for unicorns 🦄