JobsNewsBlog
Post a job
← back to previous jobs

Injective Labs

Remote
Apply for this position
❤️ Please support us by letting Injective Labs know you found this job on FindWeb3.com. Thanks!

Security Engineer

EngineeringEngineerGolangRustSecurityWeb3
📅
Aug 14
🕘
Full-Time
💻
Fully Remote

About the role:


Injective is seeking a Security Engineer to help strengthen and future-proof the security of our blockchain ecosystem and core infrastructure. This role blends hands-on security engineering with proactive research — you’ll identify and mitigate vulnerabilities, run offensive security campaigns, and help shape Injective’s reputation as one of the most secure ecosystems in Web3.


Responsibilities:



  • Perform regular security reviews, penetration tests, and code audits across our chain modules, smart contracts, validator infrastructure, and supporting services.

  • Hunt for new vulnerabilities through fuzzing, adversarial testing, and exploit development — at the protocol, network, and application layers.

  • Develop internal tools to detect misconfigurations, suspicious activity, and chain-level edge-case exploits.

  • Analyze emerging threats in other blockchains, rollups, bridges, or validator networks — assess Injective’s exposure, propose mitigations, and publish findings internally.

  • Manage vulnerability scanning pipelines, patch management, and incident response processes.

  • Audit internal systems and services (cloud accounts, access control, VPN, GitHub, secrets, endpoints, MDM, etc.) for best practice alignment

  • Collaborate with core developers, validators, and external auditors to test, validate, and deploy security fixes.

  • Contribute to our bug bounty program and coordinate with the security research community for responsible disclosure.

  • Help define and enforce internal security policies, tooling, and education to raise baseline awareness


Who You Are



  • 5+ years of experience in security engineering, offensive security, or protocol-level system audits

  • Strong experience in security engineering for cloud-native or blockchain-based systems.

  • Solid understanding of offensive security: vulnerability discovery, fuzzing, static/dynamic analysis.

  • Strong pen-testing experience

  • Experience working with or auditing blockchain protocols, validator setups, or smart contracts

  • Hands-on experience securing distributed infrastructure (Linux, containers, Kubernetes, cloud networks).

  • Familiarity with blockchain architectures (Cosmos SDK, Tendermint, IBC, EVM, CosmWasm, or cross-chain bridges).

  • Proficiency in Go or Rust (protocols) is a must.

  • Experience with Solidity/CosmWasm (smart contracts) is a plus

  • Comfortable writing PoCs, threat models, or simple fuzzers to validate real-world risk.

  • Self-driven, curious, and motivated to think like an attacker and design like a defender.


Bonus Points:



  • Experience with Cosmos SDK, IBC, or Injective chain tooling

  • Involvement in open-source security research, bug bounties, or CTFs


Why Work With Us:



  • Work on high-impact security challenges at the forefront of decentralized finance

  • Collaborate with a global team of protocol engineers, devops engineers, and Web3 pioneers

  • Competitive compensation, generous token incentives, and flexible remote work