RemoteLeaf Logo
Log in Sign up

Product Security Engineer

2 hours, 51 minutes ago
Switzerland, United Kingdom, Germany, Singapore, Hong Kong
Full-time
Senior
Application Security Engineer
Cybersecurity
Blockchain CI/CD Encryption gRPC Java Rust
Apply Now
MLabs

MLabs

MLabs is a Haskell, Rust, Blockchain, and AI consultancy specializing in mission-critical software development, cross-team collaboration, and cutting-edge value delivery for fintech, blockchain, and information technology sectors.

Internet Software & Services
11-50
Founded 2018
View All Jobs 34

Description

  • Conduct end-to-end security assessments across blockchain systems, including cryptographic primitives, protocol architecture, smart contracts, and deployed infrastructure.
  • Own threat modeling and security architecture reviews across all stages of product development.
  • Identify vulnerabilities through hands-on code review, adversarial testing, and proof-of-concept exploit development.
  • Test native services, EVM-compatible contracts, cross-chain bridges, and consensus-layer components for real-world security issues.
  • Partner with core engineering teams to turn cryptographic and protocol risks into prioritized remediation work.
  • Define and enforce security gates before production deployment.
  • Build and improve security tooling, fuzzing infrastructure, and CI/CD security automation.
  • Track emerging blockchain and Web3 attack patterns and drive mitigation strategies across the codebase.

Requirements

  • Proven hands-on experience finding vulnerabilities and testing blockchain protocols, smart contracts, nodes, and APIs.
  • Strong threat modeling and security architecture review experience for distributed cryptographic systems.
  • Direct experience assessing cross-chain protocols, threshold signature schemes, or similar cryptographic systems with complex trust assumptions.
  • Experience auditing or breaking cross-chain bridges.
  • Deep working knowledge of applied cryptography, including BLS signatures, pairing-based schemes, polynomial commitments, and Fiat-Shamir constructions.
  • Ability to reason about cryptographic failure modes and trust model tradeoffs in production environments.
  • Mastery of blockchain security and secure coding practices across both EVM-compatible and non-EVM chains.
  • Experience with security testing tools such as static analysis, dynamic analysis, and fuzzing.
  • Experience building custom fuzzing harnesses or security test infrastructure.
  • Ability to read, review, and audit cryptographic code written in Rust and/or Java.
  • Understanding of memory safety, constant-time correctness, secret handling, and JNI-related security risks.
  • Preferred: Experience designing and operating grammar-aware fuzzing campaigns against gRPC, JSON-RPC, or protocol-level endpoints.
  • Preferred: Experience building classifier pipelines to isolate security signals from noise or other custom security automation.
  • Preferred: Prior security work on Ethereum consensus clients or production threshold signature systems.
  • Preferred: Experience integrating AI-assisted workflows into security review and triage.

Benefits

  • Competitive salary and compensation package, including $75K - $85K compensation.
  • Remote work across APAC and EU time zones.
  • Opportunity to work on enterprise Web3 infrastructure and cryptographic innovation.
  • Collaborative engineering environment focused on complex distributed systems challenges.
  • Flexible working arrangements.
  • Comprehensive professional growth opportunities.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Nebius

Application Security Engineer

Nebius 51-250 Internet Software & Services

Nebius is hiring an Application Security Engineer to help secure its AI cloud platform by identifying vulnerabilities, improving secure development practices, and supporting application security across the software lifecycle.

United Kingdom Europe Netherlands Czech Republic Germany Full-time Mid Level Application Security Engineer
$81k-$259k
Burp Suite Cybersecurity Go Java JavaScript Linux OpenID Connect Penetration Testing Python SAML
1 hour, 51 minutes ago
GuidePoint Security

Senior Application Security Engineer - Southeast region (Remote)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a senior Application Security consultant to help client organizations strengthen and operationalize their AppSec programs through a mix of advisory work, hands-on engineering, and executive-level guidance.

United States Full-time Senior Application Security Engineer
AWS Azure CI/CD DevSecOps GCP Kubernetes Secrets Management
2 hours, 21 minutes ago
Spotify

Security Engineer- Product Security

Spotify Media

Spotify is hiring a Security Engineer for Product Security to secure its platform, infrastructure, and engineering initiatives for hundreds of millions of users across London or Stockholm.

United Kingdom Sweden Full-time Mid Level Application Security Engineer
Agile C++ CI/CD Encryption Generative AI Java Python Scala TypeScript
2 hours, 36 minutes ago
Inovalon

Application Security Engineer

Inovalon 1K-5K IT Services

Inovalon is hiring a Staff Software Engineer focused on application security to embed secure practices across the design, development, and operation of cloud-native SaaS healthcare platforms.

United States India Full-time Lead Application Security Engineer
Agile DevSecOps Encryption GCP HIPAA Penetration Testing
1 day, 5 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers