Own end-to-end security reviews across smart contracts, backend services, and frontend surfaces.
Build and ship an agentic security CI/CD pipeline that runs autonomously against every PR and release candidate.
Triage and manage the bug bounty program, reproduce findings, and route confirmed issues to engineering with context.
Polygon Labs is a global blockchain payments company building infrastructure to move money instantly and reliably. It has facilitated trillions in onchain value transfer and supports millions of daily transactions for banks, fintechs, and enterprises.
Conduct in-depth security evaluations on blockchain nodes, validators, consensus mechanisms, mempool behavior, networking layers, and chain modules.
Review and analyze blockchain frameworks such as Cosmos SDK, CometBFT, Geth, Hyperledger, and other L1/L2/L3 infrastructures.
Identify security issues related to consensus safety, chain halting, permission models flaws, and block production vulnerabilities.
CertiK leads blockchain security by protecting smart contracts and blockchains with cutting-edge Formal Verification technology. Founded by Computer Science professors of Yale University and Columbia University, CertiK has audited and secured over $500B in assets, including many of the world's top blockchain projects, and offers a flexible work environment with a mission-driven culture.
Own and manage bug bounty intake processes, including triaging reports, validating vulnerabilities, and reproducing proof of concepts.
Collaborate with developers and product teams to design and implement effective remediation strategies for identified security issues.
Contribute directly to codebases by reviewing and submitting pull requests to fix security vulnerabilities.
Jobgether is a company using AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. They have a collaborative, feedback-driven culture that encourages innovation and ownership.
Validate incoming security findings from the research community using code analysis and pentesting tools.
Collaborate with engineering teams to remediate valid vulnerabilities in the codebase.
Build or improve automated workflows and tooling using languages like Rust, Go, or Python.
1Password builds a human-centric cybersecurity platform, including enterprise password management and Unified Access Management. With over $400M in ARR and 180,000 business customers, the company has a remote-first culture focused on curiosity, teamwork, and continuous improvement.
Play a key role in protecting and strengthening large-scale cloud-native applications that power next-generation AI infrastructure.
Work at the intersection of software engineering and cybersecurity, ensuring security is embedded throughout the software development lifecycle.
Collaborate cross-functionally to identify and remediate vulnerabilities in complex distributed systems.
Our partner is a company building large-scale cloud-native applications that power next-generation AI infrastructure. They have a high-impact security engineering environment with a collaborative and innovative culture focused on trust, learning, and impact.
Champion and implement security best practices and automated tooling across Spotify's infrastructure and platforms.
Partner closely with teams to integrate security throughout the software development lifecycle from design to deployment.
Conduct threat modeling, security reviews, and risk assessments for both AI and non-AI systems.
Spotify is the world's most popular audio streaming subscription service, unlocking the potential of human creativity by giving artists the opportunity to live off their art. With over 700 million users, the company values curiosity, collaboration, and a willingness to both teach and learn from others.
Build and improve Nitro, the core node software powering Arbitrum, focusing on transaction execution, state management, and network performance.
Solve distributed systems challenges and enhance reliability, observability, and security across critical blockchain infrastructure.
Develop new capabilities for the Arbitrum stack, including Stylus, which enables smart contracts in Rust and C/C++ via WASM.
Offchain is pioneering blockchain scalability and security, building the Arbitrum stack that powers the leading Ethereum scaling solution. The company is backed by $124 million in funding and has a team of thinkers and doers committed to decentralized systems and a more equitable digital future.
Design, develop, and maintain secure cryptographic systems including key hierarchies and encryption protocols for a global identity security platform.
Define and enforce robust key management strategies across client and server environments, ensuring secure generation, storage, rotation, and revocation of cryptographic material.
Collaborate with cross-functional engineering teams to integrate cryptographic standards into product features and system design.
Jobgether is an AI-powered job matching platform that connects candidates with hiring companies. The company operates a fully remote, collaborative, and mission-driven engineering environment with a strong emphasis on innovation and autonomy.
Partner with Product and Engineering teams to integrate security into application design and development, leading threat modeling and secure code reviews.
Develop and implement automated security guardrails across the SDLC, investigate and prioritize application security findings.
Promote secure coding practices through training and coaching, and create security standards and procedures that scale across teams.
Quanata is an insurance technology innovation company that engineers advanced risk prediction and prevention solutions and builds a full-stack, flexible, digital & increasingly AI-native insurance platform. We are a remote-first company wholly owned and funded by State Farm, with a culture that prioritizes inclusivity and positive collaboration.
Perform penetration testing and design reviews to identify vulnerabilities and insecure designs.
Maintain and build internal tools to automate security efforts, including SAST and DAST testing.
Identify vulnerabilities, demonstrate business impact, and articulate risk to drive prioritization.
Brex is the intelligent finance platform that enables companies to spend smarter and move faster in over 200 markets. With tens of thousands of customers including DoorDash, Coinbase, and Zoom, Brex fosters a diverse and inclusive team culture where collaboration with some of the brightest minds in the industry is key.
Design, build, and maintain highly available, scalable, and secure blockchain products, systems, and infrastructure.
Collaborate with cross-functional teams to improve infrastructure, monitoring, automation, and incident response.
Research emerging trends in web3/blockchain and identify new product opportunities.
Galaxy is a global leader in digital assets and data center infrastructure, delivering solutions that accelerate progress in finance and artificial intelligence. The company is headquartered in New York City, with offices across North America, Europe, the Middle East, and Asia, and blends deep crypto expertise with institutional experience.
Conduct threat modelling reviews of Technical Design Documents (TDDs) and provide actionable security recommendations early in the design process.
Perform application security assessments, including penetration testing, vulnerability assessments, and proof-of-concept development.
Investigate, triage, and respond to Bug Bounty program submissions, validating findings and driving timely remediation with engineering teams.
MoonPay is a unified payments platform for digital currency. Trusted by over 30 million customers and over 500 ecosystem partners, the company is committed to building a fairer, more open financial system with a culture of accountability and inclusivity.
Lead and mentor a high-performing team of security engineers, setting technical direction and standards for excellence.
Define and execute the security roadmap for infrastructure, remote access, endpoints, and M&A.
Design and implement security controls across cloud, production, and corporate environments.
Anduril Industries is a defense technology company transforming U.S. and allied military capabilities with advanced technology, powered by Lattice OS. They bring the expertise and business model of innovative companies to the defense industry, focusing on autonomy, AI, and networking.