← back to previous jobs

Phantom

Remote - EU and US time zones
Apply for this position
❤️ Please support us by letting Phantom know you found this job on FindWeb3.com. Thanks!

Application Security Engineer

📅
Feb 10
🕘
Full-Time
$150K – $250K
💻
Fully Remote

At Phantom, security is core to the product and the reason why millions of people trust Phantom to securely store their crypto assets. As an Application Security Engineer, you will be responsible for identifying, exploiting and mitigating security vulnerability risks in our software applications, as well as conducting security assessments and investigations. You will work closely with development teams to ensure that security is integrated throughout the software development lifecycle. Join us on our mission to make the digital economy safe and easy to use for everyone.


This role is fully remote; however, we’re only open to candidates based in US and EU time zones.


Responsibilities



  • Perform regular security assessments and red teaming exercises to simulate real-world attacks.

  • Identify and mitigate security vulnerabilities in code, systems and networks through manual testing, automated tools, and threat intelligence.

  • Keep up to date with the latest offensive security techniques, application security threats, and best practices in the blockchain space, and recommend improvements to security posture

  • Write detailed reports of your findings and present them to management and technical teams, and help to prevent real-world attacks.

  • Work with development teams to implement secure coding practices.

  • Collaborate with teams such as development, operations, and compliance to ensure that security is integrated throughout the organization.

  • Participate in incident response and incident management activities.


Qualifications



  • 3+ years of experience in offensive security techniques, with a focus on blockchain technology.

  • Strong understanding of security risks, vulnerabilities and concepts in web and mobile applications.

  • Proficient in code review for JavaScript & Typescript with a strong understanding of application security threats and offensive security techniques.

  • Write PoC’s to prove vulnerabilities, review and ensure that patch code meets the standards set by the repository owners and maintainers.

  • Strong analytical and problem-solving skills + verbal and written communication skills.


Why Work with Us


Opportunity


We are a team of experienced builders with a ton of traction in a big and growing market – our users are so passionate they were hacking their way into our private beta. Only months after launching we’ve acquired millions of users, and are adding hundreds of thousands every week. We are by far the leading wallet on Solana, and plan to expand to other chains soon.


On top of that, there has never been a better time to work in crypto and on wallets in particular.



  • Wallets play a pivotal role: Wallets are responsible for on-boarding new users into crypto, and can make or break the user experience.

  • We are moving to a multi-chain world: New blockchains and scaling solutions are coming online and gaining traction, but are lacking decent wallets and bridges.

  • DeFi & NFTs are exploding: Interest in DeFi and NFTs has exploded, yet they are still an after-thought in existing wallets.


Benefits



  • Competitive salary and equity.

  • Comprehensive insurance (medical/dental/vision) — 100% covered.

  • Stipend for your ideal remote / WFH set-up: laptop, headphones, and any other work gear you may need.

  • Flexible hours and a long-standing, supportive remote environment.

  • Monthly co-working space and mobile phone expense.

  • Unlimited vacation: Take time when you need it (and we really mean it).

  • 401(k) retirement plan (although we are not matching at this time)

  • Wellness benefit

  • Daily lunch benefit


The target base salary for this role will range between $150,000 to $250,000 with the addition of equity and benefits. This is determined by a few factors including your skillset, prior relevant experience, quality of interviews and market factors (such as location) at the point in time of offer.