hero

Opportunities at Craft portfolio companies

175
companies
1,264
Jobs

Senior Security Engineer (Remote)

Lightning Labs

Lightning Labs

San Francisco, CA, USA
Posted on Dec 2, 2022

Lightning Labs is seeking to hire a Security Engineer for the ongoing scaling of our growing engineering organization. This is a hands-on role that consists of devising and implementing policies and procedures around best practices in systems security. The ideal candidate has experience in securing web, Bitcoin, and other public-facing network services, penetration testing, and both automated and manual source code security reviews. Due to the domain in which we work, experience with Bitcoin and the Lightning Network is extremely desirable as is knowledge of the cryptographic aspects involved in this area.

As we are an international organization, experience and comfort working with highly distributed teams is a must. In addition, the ideal candidate should have a passion for our mission of bringing financial freedom to the world, as well as for Bitcoin as a whole. Although a part of the engineering organization, candidates in this position will work across functional team boundaries to ensure all aspects of the business are appropriately considered and covered by security best practices.

Responsibilities may include but are not limited to:

  • Designing and deploying active fuzzing, black+white box testing and penetration testing infrastructure for open source and production systems

  • Performing security audits and review of both internal production systems as well as open source software which interacts with Bitcoin+Lightning in a security critical manner

  • Provide mentorship and guidance to level up your teammates

  • Creating global security policy, standards, guidelines, and procedures to ensure ongoing maintenance of security

  • Overseeing security aspects of software release processes and infrastructure

  • Determining security team requirements for future growth

  • Developing and ensuring responsiveness of security incident management processes

  • Performing risk management assessments

Preferred experience:

  • At least 5 years prior experience in in systems security

  • An ability to work with a high impact, fast-moving startup team

  • Extensive knowledge of operating system and computer architecture internals

  • Strong understanding of cryptography, protocol design and adversarial analysis

  • Experience in reverse engineering and exploiting of cryptographic protocol (cryptocurrencies like Bitcoin) systems

  • Extensive expertise with professional software development experience in Go, Rust, C/C++, and/or Java

  • Experience in security incident response

  • Experience in security code review and vulnerability triaging

  • Prior experience running an open source facing bug bounty program

  • 2+ years management experience or experience as a senior decision maker

  • Experience working with remote teams

  • Experience working with Kubernetes and AWS infrastructure

  • Working knowledge of fundamental Bitcoin and Lightning design principles

  • Candidates with additional experience are welcome to apply as we are open to adjusting the role accordingly