Security Engineer (Crypto/Web3)

Golden is looking for talented Security Engineers to help us build a new decentralized protocol for canonical knowledge.

Our vision is to create a decentralized knowledge graph protocol that maps 10 billion entities and the public knowledge surrounding them. The world is lacking a decentralized graph of canonical knowledge that is open, free, permissionless and incentivizes contributions to the graph.

This is a great opportunity to work on automated security detection and response capabilities. The work will involve advancing the security state of a new Web3 protocol and NFT ecosystem. 

As an early team member, you will be working in a startup environment with high autonomy and a rapid development pace. This is a great chance to work on a fundamental token and new Web3 protocol. Your work will result in a new way data is handled and exchanged across the globe.

We are a globally distributed remote team working in time zones between San Francisco and Prague. This role will report to the Head of InfoSec.

What you will be doing:

• Perform regular product security assessments and threat modeling.
• Identify potential vulnerabilities and implement best practices for vulnerability discovery.
• Help create a new type of web3 digital ownership that hasn't existed before.
• Develop tooling to automate and scale our security assessment processes.
• Design and develop features to improve the security of our products.

Qualifications we need:

• Deep knowledge and understanding of blockchain technologies and their weaknesses.
• Experience performing penetration testing, code reviews, architecture reviews and threat modeling.
• Experience implementing and supporting robust systems that scale to hundreds of millions of users.
• Experience in security of blockchain interactions and vulnerability trends.
• Excellent communication skills (design docs, specs, documentation, code reviews, post-mortems).

Bonus Points:

• Serverless application development on AWS, Lambda, API Gateway, S3, DynamoDB or similar.
• ELK stack or Logstash knowledge.
• Security certifications such as CISSP, GWEB, OSWE.
• Desire to work closely with various web3 layers. 
• You contribute to the security industry through research.

About Golden:

Golden is venture-backed by a16z, Founders Fund, Gigafund and other top tier investors, and is led by Jude Gomila, a founder of Heyzap (YC ‘09, acquired for $45 million in 2016) and investor in over 200 startups. To learn more about Golden visit us at https://golden.com and https://golden.xyz check out our blog https://golden.com/blog or join the conversation at @Golden