Information Security Engineer, Product

As a Security Engineer at Aptos Labs, you will be responsible for ensuring the security and integrity of the Aptos ecosystem. Your role will involve conducting design reviews, code audits, penetration tests, and overseeing bug bounty programs to proactively identify and mitigate security risks. You will collaborate with developers to create and adopt security-focused tools and frameworks, while also providing guidance and training on security best practices to engineering teams. Additionally, you will have the opportunity to contribute to the security community and shape the future of the web3 landscape.

• Analyze and assess novel and recurring security issues through design reviews, code audits, penetration tests, and bug bounty programs.
• Build and prototype security tools, exploit mitigations, frameworks, and hardening strategies for vulnerability detection and prevention.
• Review and develop secure operational practices and provide security guidance for engineers and support staff.

• B.S. or M.S. in Computer Science, a related technical field, or equivalent experience
• Experience in vulnerability research and exploitation
• Familiarity with native and web programming languages, development practices, and common bug patterns (Rust, TypeScript, Pulumi, Terraform, Helm)
• Familiarity with analysis tooling and frameworks (fuzzing, static analysis, flamegraph, etc.)
• Contributions to the security community (public research, blogging, presentations, etc.) preferred
• Familiarity with web3 programming languages (Move, Solidity, etc.), security tools and frameworks, including formal verification preferred

• 100% insurance premium coverage for medical, dental, and vision for you and your dependents (US Employees)
• Equipment of your choice
• Flexible vacation time, 11 holidays, and floating company days off
• Competitive Salary
• Equity (RSUs)
• Protocol Token Grants
• 401k matching (US Employees)
• Fun and inclusive in-person and digital events