RemoteLeaf Logo
Log in Sign up

Sr. Security Engineer (Penetration Testing)

3 months ago
United States
Full-time
Senior
Security Engineer
Cybersecurity
Android AWS Azure Bash Blockchain Encryption GCP iOS JavaScript Penetration Testing Python TypeScript
Apply Now
CertiK

CertiK

$152M raised
View All Jobs 12

Description

  • Perform security assessments on web, mobile, thick-client applications, and browser extensions.
  • Plan and execute external and internal network penetration tests.
  • Conduct security source code reviews across multiple languages and produce actionable findings.
  • Perform cloud security reviews of platforms such as AWS, Azure, and GCP.
  • Develop comprehensive penetration test reports tailored to both technical and non-technical audiences.
  • Research and develop new pentesting techniques, tools, and methodologies for applications in the blockchain/Web3 space.
  • Contribute to community-facing materials by developing tools, presentations, and blog posts.
  • Collaborate with clients and internal R&D to threat model, scan, audit, design, and enhance application security.

Requirements

  • Minimum of 4 years of experience in application security and penetration testing.
  • Passion for cryptocurrency, DeFi, and blockchain, with willingness to learn Web3 technologies such as smart contracts.
  • Experience in source code review for multiple languages, with strong understanding of JavaScript and TypeScript.
  • Experience in mobile application penetration testing.
  • Familiarity with cloud platforms and their security risks (AWS, Azure, GCP).
  • Experience programming with scripting languages such as Python and Bash.
  • Solid understanding of cryptography.
  • BS/MS/PhD in Computer Science or Information Security (or equivalent experience).
  • Strong spoken and written communication skills.
  • (Nice to have) Experience pentesting Web3 applications (crypto exchanges, wallets, DApps, key custodians), smart contract security audits, browser extension security, participation in bug bounties/audit contests, published security write-ups or talks, and certifications such as OSCP, OSWE, OSCE, or GWAPT.

Benefits

  • Target U.S. annual base salary range: $100,000 - $180,000 (final offer depends on skills and experience).
  • Remote work option (#LI-Remote).
  • Medical, vision, and dental insurance.
  • 401(k) plan with company matching.
  • Life and accidental death & dismemberment (AD&D) insurance.
  • HSA (with high deductible plan) and FSA, plus flexible paid time off and holidays.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Klaviyo

Lead Security Engineer, Enterprise Security

Klaviyo 1K-5K IT Services

Klaviyo is hiring a Lead Security Engineer to secure its corporate systems and platforms across SaaS, identity, endpoints, Zero Trust networking, and perimeter defenses in a hands-on technical leadership role.

United States Full-time Lead Security Engineer
$175k-$263k
AWS Azure Cloudflare CrowdStrike GCP OAuth OpenID Connect Secrets Management Terraform Vercel
49 minutes ago
Stripe

Principal Security Engineer, Privy

Stripe 5K-10K Diversified Financial Services

Privy is hiring a Principal Security Engineer to define and operate security programs for its fintech and crypto infrastructure products, with a focus on protecting sensitive systems and reducing risk across the company.

United States Full-time Lead Security Engineer
AWS Blockchain CI/CD Encryption Go Java JavaScript Microservices Network Security OAuth OpenID Connect Penetration Testing Python Ruby Rust Secrets Management TypeScript
54 minutes ago
Anduril Industries

Staff Security Engineer

Anduril Industries 1K-5K Aerospace & Defense

Anduril Industries is hiring a Security Engineer to secure its OT and ICS environments and help design foundational defenses for advanced defense technology and factory systems.

United States Full-time Lead Security Engineer
$191k-$253k
Go Linux Python Rust
4 hours, 32 minutes ago
Sporty Group

Senior Purple Operations Engineer

Sporty Group 51-250 Media

Sporty is hiring a Purple Operations Engineer to improve the quality and reliability of security detections across its security monitoring environment and turn threat findings into actionable defensive controls.

Europe Full-time Senior Security Engineer
Azure Bash Cloudflare Confluence GitHub GitLab JIRA Kubernetes Lucene PowerShell Python SIEM SOC
5 hours, 6 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers