Lightning Labs is seeking to hire a Security Engineer for the ongoing scaling of our growing engineering organization. This is a hands-on role that consists of devising and implementing policies and procedures around best practices in systems security. The ideal candidate has experience in securing web, Bitcoin, and other public-facing network services, penetration testing, and both automated and manual source code security reviews. Due to the domain in which we work, experience with Bitcoin and the Lightning Network is extremely desirable as is knowledge of the cryptographic aspects involved in this area.
As we are an international organization, experience and comfort working with highly distributed teams is a must. In addition, the ideal candidate should have a passion for our mission of bringing financial freedom to the world, as well as for Bitcoin as a whole. Although a part of the engineering organization, candidates in this position will work across functional team boundaries to ensure all aspects of the business are appropriately considered and covered by security best practices.
Responsibilities may include but are not limited to:
Designing and deploying active fuzzing, black+white box testing and penetration testing infrastructure for open source and production systems
Performing security audits and review of both internal production systems as well as open source software which interacts with Bitcoin+Lightning in a security critical manner
Provide mentorship and guidance to level up your teammates
Creating global security policy, standards, guidelines, and procedures to ensure ongoing maintenance of security
Overseeing security aspects of software release processes and infrastructure
Determining security team requirements for future growth
Developing and ensuring responsiveness of security incident management processes
Performing risk management assessments
Preferred experience:
At least 5 years prior experience in in systems security
An ability to work with a high impact, fast-moving startup team
Extensive knowledge of operating system and computer architecture internals
Strong understanding of cryptography, protocol design and adversarial analysis
Experience in reverse engineering and exploiting of cryptographic protocol (cryptocurrencies like Bitcoin) systems
Extensive expertise with professional software development experience in Go, Rust, C/C++, and/or Java
Experience in security incident response
Experience in security code review and vulnerability triaging
Prior experience running an open source facing bug bounty program
2+ years management experience or experience as a senior decision maker
Experience working with remote teams
Experience working with Kubernetes and AWS infrastructure
Working knowledge of fundamental Bitcoin and Lightning design principles
Candidates with additional experience are welcome to apply as we are open to adjusting the role accordingly
