Senior Security Engineer
About The Position
The primary responsibility of this role is for CertiK’s security-related services. Intersecting cybersecurity and blockchain, CertiK’s security offerings include security consulting, security reviews, security auditing of smart contracts and blockchains, verification of smart contracts, penetration testing, and more. We are looking to hire someone with a passion for application security and penetration testing. This is a fun and challenging full-time position. If you are excited about hacking, threat modeling, scanning, auditing, designing, and enhancing the security of applications across the board then you will thrive in this role. While you work with clients, we will also provide you with plenty of opportunities to get involved with research and development efforts to help us raise the standards of blockchain security.
Requirements
- Master’s degree in Computer Science, Software Engineering, Security Informatics, or related field.
- Expertise in threat modeling/architectural risk assessment using structured methodologies (e.g., STRIDE/DREAD)
- Advanced knowledge of SSDLC, including static/dynamic analysis/QA practices & end-to-end vulnerability lifecycle management (tracking/remediation coordination/verification)
- Strong ability to conduct comprehensive security assessments across network infrastructure/application architecture/system configurations
- Familiarity with cloud environments (AWS/Azure/GCP) & CI/CD deployment workflows
- Proficiency in Java/Python with applied skills in secure coding/debugging/symbolic execution & internal tooling/automation scripting
Responsibilities
- Lead design/deployment of enterprise-grade security solutions to safeguard internal networks/applications/infrastructure, ensuring confidentiality/integrity/availability of mission-critical systems & data
- Define/enforce organization-wide security policies/standards; own end-to-end vulnerability management lifecycle & lead cross-functional incident response with engineering/IT/compliance teams
- Oversee real-time threat detection/response operations; conduct forensic investigations & drive root cause analysis for high-impact security incidents to inform long-term defense strategies
- Manage/execute comprehensive security assessments across internal/third-party systems, including architecture reviews/endpoint security evaluations/infrastructure hardening initiatives
- Guide secure development practices by applying advanced static/dynamic analysis to identify vulnerabilities & deliver remediation guidance to engineering teams
- Conduct threat modeling/risk analysis for high-value systems to proactively identify/mitigate attack vectors & influence system/product architecture
- Architect/maintain internal security tooling to expand detection coverage, streamline response workflows & enhance operational visibility
Benefits
- medical, vision, and dental insurance
- 401(k) plan with company matching
- life and accidental death and dismemberment insurance
- HSA (with high deductible plan)
- FSA
- flexible paid time off
- holidays
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
