2 months ago
Base Salary
$130k - $218k/yr
Responsibilities
- Determine the root cause and severity of vulnerabilities reported through the bug bounty platform.
- Interface with ethical hackers, triage reports, and guide product engineering teams to resolution.
- Document identified vulnerabilities for quick action by the engineering team.
- Write code to support security engineering projects and fix vulnerabilities in MetaMask applications.
- Assess potential security vulnerabilities and work with development teams for remediation.
- Support product teams by conducting design reviews, threat modeling, and security testing.
- Identify gaps in the secure software development life cycle and lead efforts to address them.
- Participate in team meetings and contribute to roadmap planning.
- Validate security patches and test for potential bypasses.
- Proactively prevent future vulnerabilities through automation and developer education.
- Pave your own path in enhancing MetaMask's security.
Requirements
- 6+ years of experience in building and securing software, with hands-on product or application security experience.
- Experience securing modern backend systems, web applications, and APIs.
- Experience in threat modeling, security design reviews, and vulnerability assessments.
- Experience securing JavaScript-based applications, preferably with Node.js, React, or React Native.
- Strong coding skills to identify and fix vulnerabilities or build secure solutions.
- Solid understanding of modern web and mobile security landscapes, including common attack vectors.
- Strong communication skills to influence engineering decisions and collaborate effectively.
- Self-driven and proactive, comfortable in a high-autonomy, distributed team environment.
- Alignment with the company's mission and values.
