Who we are

Paxos Labs builds enterprise infrastructure that powers the next generation of trusted onchain financial products. We work with the largest financial enterprises in the world to build transparent and verifiable onchain infrastructure that works for end users and everyday financial use cases. If you believe in bringing DeFi and digital assets to the mainstream, consider building your career at Paxos Labs.

We believe security is critical to our culture and long term success. We are hiring a Lead Security Engineer to help take Paxos Labs's security capabilities to the next level.

Who we're looking for

The engineering team at Paxos Labs deploys production software across the web2 and web3 stack, from smart contract protocols, DeFi integrations, and cloud infrastructure to public API/SDKs that requires a comprehensive security posture. We are looking for a motivated developer that can not only develop, but aptly research and deploy extensive knowledge across TradFi and DeFi to secure mission critical software.

Most importantly, we are looking for developers with interest in the following overlap:

1. Smart Contract Security

2. Cloud Security

3. Operational Security

Responsibilities

Cloud Security

• Conduct internal audits of Cloud (Azure, AWS) platform security and implement best practices around key management, network security, monitoring, etc.

• Create threat models for first party and third party software, research possible vulnerabilities and patch them.

• Collaborate closely with infrastructure engineers to detect, fix, and prevent future exploits by creating resuable tools and processes.

Operational Security

• Develop tooling and SOPs such as incident response manuals.

• Conduct periodic incident response training for team members. Simulating hacks, alerts, and social engineering vectors.

• Collaborate closely with both the technical and the non-technical staff to secure non-code related attack vectors and protect the weakest link i.e. the humans involved.

Smart Contract / DeFi Security

• Collaborate closely with the Smart Contract team to conduct internal audits and to set up secure operational practices for the development and maintenance of smart contract protocols..

• Build and deploy full stack tools for mitigating exploits and financial risks such as

  • Detecting malicious transactions in the mempool and automating pauses across the smart contracts deployed on multiple chains.

  • Defining invariants and detecting violations in realtime.

  • Integrating third party security software where necessary.

Qualifications

• Deep knowledge of cloud infrastructure and web2 security practices.

• Deep knowledge of cybersecurity standards and social engineering defenses.

• Experience building full stack applications.

• Deep Knowledge of the EVM security tooling, testing, and best practices

• Deep knowledge of common hacks and exploits in DeFi protocols.

• Deep knowledge of financial attack vectors in DeFi protocols.

• Experience with CTFs, bugbounties, whitehat activities.

Why join us?

Joining Paxos Labs means becoming part of a pioneering team at the forefront of financial innovation for the mass market. You will have the opportunity to:

• Build the Future: Play a critical role in transforming traditional enterprises with innovative crypto solutions.

• Do Impactful Work: Contribute to projects that have a tangible impact on the global financial landscape.

• Enable Personal Growth: Benefit from continuous learning and professional development in a rapidly evolving industry with an emphasis on personal career advancement.

• Receive Competitive Compensation: Receive a competitive salary and participate in directly in ownership structures that provide top-of-the-line benefits.

• Join A Dynamic Team: Thrive in a fast-paced, agile setting where your ideas are valued and your contributions are recognized.

Location

We are a heavily in-person team working in New York City. We prize effective in-person collaboration.

Once we receive your application, we'll be in touch if we are interested.