Talentxo
Security, Blockchain & Web3

Security Engineer (Web3 and Web2)

Posted Recently
Full-time

Overview

We are seeking a Security Engineer responsible for both Web3 and Web2 security paradigms, including penetration testing, cloud security (AWS), and monitoring/alerting systems. The role involves ensuring the security of digital assets, infrastructure, and applications.

What You'll Do

  • Perform penetration testing of applications/products based on Web, Mobile, and Web3 assets such as Smart Contracts, Bitcoin Script, etc.
  • Plan and perform red team exercises in a variety of environments.
  • Manage the bug bounty program for applications/products, with a validation and response mechanism for vulnerabilities submitted by external researchers.
  • Conduct continuous research on new attack vectors/techniques and their mitigations.
  • Manage the attack surface based on risk assessment for the business.
  • Develop scripts, tools and methodologies to enhance the security posture of the whole company and its applications/products.
  • Manage continuous passive and active monitoring and alert systems such as Prometheus, Grafana, Wazuh, etc.
  • Apply knowledge of AWS services to support the maintenance of secure cloud infrastructure.

Requirements

  • 4+ years of experience in a security engineering role covering both Web3 and Web2 security paradigms across application, infrastructure, and cloud security contexts.
  • Hands-on experience performing penetration testing on Web, Mobile, and Web3 assets including Smart Contracts and Bitcoin Scripts, and planning/executing red team exercises.
  • Strong working knowledge of OWASP Top 10, SANS Top 25, NIST, MITRE ATT&CK, and shift-left security methodologies.
  • Strong understanding of application, infrastructure, and networking architecture with ability to assess attack surfaces holistically.
  • Proficiency in deploying and managing continuous monitoring and alerting systems such as Prometheus, Grafana, Wazuh, or comparable tools.
  • Working familiarity with AWS services and basic cloud security concepts.
  • Ability to develop scripts, tools, and methodologies using at least one of Go, Rust, TypeScript, or Python.
  • Foundational understanding of blockchain technologies and associated security considerations including smart contract security and Bitcoin script analysis.
  • Bachelor's degree in Computer Science, Information Technology, or a related field.

Who Should Apply

A security professional with 4+ years of experience in penetration testing, red teaming, and application security (OWASP, NIST). Must have hands-on expertise with blockchain/Web3 assets (smart contracts, Bitcoin scripts), cloud infrastructure (AWS), and monitoring tools (Prometheus, Grafana, Wazuh). Strong scripting skills and a Bachelor's in CS/IT are required, with a preference for certifications like C-PENT, eJPT, PWPP, or GPEN.

Salary Insight

Compensation open to discussion

Required Skills

cyber security, itops & cyber security admin, technology

Application Tip

Emphasize your hands-on penetration testing experience on Web3 assets (smart contracts, Bitcoin scripts) and provide concrete examples of red team exercises you have planned or executed.
