The Role

Provable is seeking an exceptional Application Security Engineer to help secure private applications on Aleo, the world’s first live privacy-preserving programmable blockchain.

In this role, you will be responsible for strengthening the security of Provable’s applications, developer tooling, APIs, and supporting services. You will work closely with protocol engineers, Rust engineers, cryptographers, and product teams to identify vulnerabilities early, design secure-by-default systems, and ensure that privacy and security scale together.

This is a hands-on role for someone who enjoys working close to the code, thrives in high-trust engineering environments, and is motivated by protecting real users and real value in production systems.

Responsibilities

• Own application-layer security across Provable’s products, internal services, and developer-facing tooling

• Perform threat modeling, security architecture reviews, and design reviews for new systems and features

• Identify, reproduce, and remediate vulnerabilities across APIs, web services, SDKs, and backend systems

• Build and embed secure development practices, including secure coding standards, dependency security, access controls, and CI/CD integration

• Partner with engineers on testing, audits, incident response, and ongoing security improvements in a privacy-first environment

What We’re Looking For

• 5+ years of experience in application, product, or software security engineering

• Strong understanding of common application security risks, including authentication, authorization, API security, and cryptographic misuse

• Experience securing production backend systems and developer platforms, with the ability to reason about systems-level code (Rust a strong plus)

• Familiarity with modern secure software development practices, authentication systems, and key management

• Clear communicator with a pragmatic security mindset suited to high-trust, fast-moving engineering teams

Benefits

• Monthly budget for expenses relating to working in a remote environment (home office setup & supplies, transportation, fitness & personal well-being, continued learning, etc.).

• Comprehensive, top-tier healthcare coverage.

• Flexible vacation policy.

• Ability to attend major industry conferences and global events at the company’s expense.

• Regular team off-sites and retreats.

‍Provable is committed to diversity in its workforce and is proud to be an equal-opportunity employer and to review all of our job postings to minimize biased language. Provable does not make hiring or employment decisions on the basis of race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state, or federal law. Provable will also consider for employment qualified applicants with arrest and conviction records in a manner consistent with San Francisco’s Fair Chance Ordinance and similar local laws.‍

Global Data Privacy Notice for Job Candidates and Applicants

Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants.