Lightspark is building the open payment protocol for the Internet, making money move like data. They are seeking a Senior Security Engineer to architect the safety of a high-throughput, decentralized payment network, with a focus on infrastructure and application security and an understanding of blockchain protocols.
Responsibilities:
- Secure Protocol Engineering: Perform deep-dive code audits and risk assessments of core protocol implementations and payment channel logic. You will prevent funds loss or state corruption by identifying edge cases in distributed systems
- Hardened Infrastructure: Architect and secure our cloud-native footprint (AWS/GCP), ensuring that validator nodes, signing services, and P2P networking are resilient against both traditional DDoS and protocol-specific eclipse attacks
- Application & Lifecycle Security: Build and maintain the Secure SDLC for our products. This includes automated security analysis (SAST/DAST) in CI/CD, managing high-stakes bug bounties, and performing manual penetration tests on our financial APIs
- Cryptographic Operations: Design and manage mission-critical Key Management Systems (KMS). You will lead the implementation of Multi-Party Computation (MPC), Threshold Signatures (TSS), and HSM integrations to secure private keys at scale
- Detection & Response: Develop specialized monitoring for both cyber threats (unauthorized access, lateral movement) and on-chain threats (channel jamming, fee-siphoning, or routing anomalies)
- Security Expert: Serve as the subject matter expert for engineering teams, bridging the gap between standard web security and crypto-native security
Requirements:
- 6+ years in Security Engineering with a proven track record that spans Infrastructure, Application Security, and Blockchain/DeFi
- Hands-on experience with cryptographic primitives (Elliptic Curve, Schnorr, Merkle Trees) and a fundamental understanding of Layer 2 scaling (Lightning Network)
- High proficiency in Python, Rust or Go. You should be capable of auditing systems-level code for memory safety, race conditions, and cryptographic flaws
- A history of identifying vulnerabilities in decentralized protocols or high-scale distributed systems. You think three steps ahead of the attacker
- Understanding of how to apply traditional frameworks (NIST, OWASP) to the non-traditional world of decentralized finance and self-custody
- Ability to translate complex cryptographic risks into actionable engineering requirements for non-security peers
- A CS degree is ideal, but we also value contributions to open-source security tools or a history of disclosed vulnerabilities in the crypto space