Staff Backend Engineer - Security

At dYdX, you will have the opportunity to contribute to the development of cutting-edge decentralized technology that will revolutionize global financial markets. As an early member of the team, you will play a crucial role in shaping the future of dYdX. This role involves partnering with developers to assess software releases, integrating security partners and tools, investigating and responding to potential incidents, ensuring secure system designs, identifying and patching vulnerabilities, and providing security training and guidance. With a focus on backend engineering and cybersecurity, this position requires expertise in writing secure and efficient code.

• Partner with developers to review and assess new software releases, identify risks, and provide solutions
• Lead integrations of security partners and tools as needed
• Investigate events, triage potential incidents, and work with teams to drive response efforts
• Review system designs to ensure secure and reliable backend systems
• Discover and patch security vulnerabilities (OWASP Top 10)
• Proactively identify and reduce security risks in code base
• Remove outdated and vulnerable code and code libraries
• Write and review secure smart contract and protocol code
• Develop security training and guidance for internal development teams
• Work with multi-functional teams to develop the best overall product
• Manage individual project priorities, deadlines, and deliverables with technical expertise

• 7+ years of backend engineering experience and/or security engineering/cybersecurity experience
• Ability to continuously review and assess new software releases, identify risks, and provide solutions
• Experience in assessing and leading integrations of security partners and tools
• Ability to investigate events, triage potential incidents, and work closely with teams during incidents
• Knowledge of reviewing system designs to ensure secure and reliable backend systems
• Proficiency in discovering and patching security vulnerabilities (OWASP Top 10)
• Proactive identification and reduction of security risks in code base
• Ability to find and remove outdated and vulnerable code and code libraries
• Experience in writing and reviewing secure smart contract and protocol code
• Development of security training and guidance for internal development teams
• Collaboration with multi-functional teams to develop the best overall product
• Project management skills to manage individual project priorities, deadlines, and deliverables
• Ability to write secure, efficient, and high-quality code

• Competitive salary range of 201K to 350K USD
• Possible variable compensation such as annual merit increases, bonus eligibility, commission, or equity incentive
• Backend engineering experience and/or security engineering/cybersecurity experience
• Opportunity to write and review secure smart contract and protocol code
• Development of security training and guidance to internal development teams
• Collaboration with multi-functional teams to develop the best overall product
• Management of individual projects priorities, deadlines, and deliverables with technical expertise
• Opportunity to learn or gain experience in Solidity, Go JavaScript, TypeScript, Node.js, PostgreSQL, Redis, Kafka, Express, WebSockets, Docker, AWS, Terraform
• Fast learner who can quickly master new technologies
• Interest in building out a team of security engineers (nice to have)
• Strong interest in decentralized finance (nice to have)
• Experience building blockchain applications or smart contracts (nice to have)
• Experience architecting and developing solutions to ambiguous problems with significant impact (nice to have)
• CS Degree or equivalent experience (nice to have)
• Preferred location in NYC (nice to have)