Security Engineer, Product Security
Role in brief
Chainlink Labs is hiring a Security Engineer to build and deploy security tools and features for its oracle platform. This role involves integrating security into all stages of product development, from design to deployment, across Chainlink's core node and other Web3 initiatives. Candidates with experience in Go or Rust and a background in security software or enterprise systems will find this role a good fit.
About the role
This role focuses on developing and implementing security measures for Chainlink's decentralized oracle network. The Security Engineer will be responsible for creating security tools and controls used throughout the company, as well as designing and deploying new security features directly into public Chainlink products, including the core node. The objective is to make the network resilient against attacks and ensure rapid detection of any threats.
A key aspect of this position involves embedding security into the foundational design of all upcoming engineering and non-engineering projects at Chainlink. This means actively participating in new initiatives to ensure security is considered from the outset, rather than as an afterthought. The engineer will also contribute to defining and achieving the broader security objectives of the company.
Success in this role requires a proactive approach to security within a fast-paced environment. The Security Engineer will help establish new processes and systems that enhance the overall security posture of Chainlink, which underpins a significant portion of decentralized finance. The work directly contributes to protecting the Web3 ecosystem by securing critical infrastructure.
The annual salary for this position ranges from $106,000 to $260,000 USD.
Skills that matter here
- Go: Experience in Go is a minimum qualification, indicating its use in developing Chainlink's security software and systems.
- Rust: Experience in Rust is also a minimum qualification, suggesting its application in building secure components or tools for the platform.
- Unix: Comfort with Unix operating systems, including macOS, is required for daily development and system interaction.
- Solidity: Experience writing or auditing Solidity is a desired qualification, indicating potential work with smart contracts on EVM-compatible networks.
- React: Experience auditing or securing frontends built with React is a desired skill, pointing to security considerations for user interfaces.
- cryptography: A strong understanding of cryptography concepts like TLS, FIDO, and public key cryptography is desired for designing and implementing secure systems.
Who this role suits
- A person who thrives in a dynamic, rapidly evolving technological landscape.
- Someone with a proactive mindset, eager to integrate security into early design phases of projects.
- An individual who enjoys building security software and securing enterprise-level systems.
- A candidate who is comfortable working autonomously in a remote, globally distributed team.
From the employer
- Build security tools and controls that are deployed across the company
- Design, develop, and deploy new core security features to public Chainlink products like the Chainlink core node
- Define new processes and systems that make attacks on our networks hard to execute and easy to detect
- Immerse yourself in Chainlink’s upcoming engineering and non-engineering projects and ensure security is fundamental to their design and functionality
- Help define, shape, and achieve the company’s broader security goals
Minimum Qualifications:
- Experience in Go or Rust
- Experience in a security related function
- Experience building security software or securing enterprise systems
- Comfortable with Unix operating systems (including macOS)
- Ability to adapt to fast changing environment and set of technologies
Desired Qualifications:
- Experience writing or auditing Solidity
- Experience auditing or securing frontends (React, NPM)
- Strong understanding of cryptography, including concepts such as TLS, FIDO, encryption, and public key cryptography
- Familiarity with security analysis tooling and frameworks
- Enthusiasm for the Ethereum (and other EVM compatible networks) with experience in tooling development, hardware wallets, and deployments
- Experience working on open source software with a GitHub history to prove it
- All roles with Chainlink Labs are global and remote-based.
- Unless otherwise stated, we ask that you try to overlap some working hours with Eastern Standard Time (EST).
- We carefully review all applications and aim to provide a response to every candidate within two weeks after the job posting closes.
- Commitment to Equal Opportunity: Chainlink Labs is an equal opportunity employer. All qualified applicants will receive equal consideration for employment in compliance with applicable laws, regulations, or ordinances.
Questions about this role
What is the remote work policy for this role?
This is a global, remote-based position, but candidates are asked to overlap some working hours with Eastern Standard Time (EST).
What level of experience is required?
The role requires experience in a security-related function and experience building security software or securing enterprise systems, with proficiency in Go or Rust.
How do I apply for this position?
The job posting states that all applications are carefully reviewed, and the company aims to respond to every candidate within two weeks after the job posting closes.