Lightspark is building an open payment protocol for the Internet, enabling instant and secure money transfers globally. They are seeking a Senior Crypto Security Engineer to architect the safety of a decentralized payment network, focusing on protocol security, infrastructure hardening, and cryptographic operations.
Responsibilities:
- Perform deep-dive code audits and risk assessments of core protocol implementations and payment channel logic
- Architect and secure our cloud-native footprint (AWS/GCP), ensuring that validator nodes, signing services, and P2P networking are resilient against both traditional DDoS and protocol-specific eclipse attacks
- Build and maintain the Secure SDLC for our products, including automated security analysis (SAST/DAST) in CI/CD, managing high-stakes bug bounties, and performing manual penetration tests on our financial APIs
- Design and manage mission-critical Key Management Systems (KMS), leading the implementation of Multi-Party Computation (MPC), Threshold Signatures (TSS), and HSM integrations to secure private keys at scale
- Develop specialized monitoring for both cyber threats (unauthorized access, lateral movement) and on-chain threats (channel jamming, fee-siphoning, or routing anomalies)
- Serve as the subject matter expert for engineering teams, bridging the gap between standard web security and crypto-native security
Requirements:
- 6+ years in Security Engineering with a proven track record that spans Infrastructure, Application Security, and Blockchain/DeFi
- Hands-on experience with cryptographic primitives (Elliptic Curve, Schnorr, Merkle Trees) and a fundamental understanding of Layer 2 scaling (Lightning Network)
- High proficiency in Python, Rust or Go
- A history of identifying vulnerabilities in decentralized protocols or high-scale distributed systems
- Understanding of how to apply traditional frameworks (NIST, OWASP) to the non-traditional world of decentralized finance and self-custody
- A CS degree is ideal, but we also value contributions to open-source security tools or a history of disclosed vulnerabilities in the crypto space
- Ability to translate complex cryptographic risks into actionable engineering requirements for non-security peers