Security Engineer

6.0/10

Mysten Labs

Not specified

Remote

mid

13 days ago

cryptosecurityweb3RustTypeScriptPythonMove

AI Summary

The vacancy is well-defined in responsibilities and requirements but lacks compensation details.

Check Match — Just drop your CV

See your fit for Security Engineer in seconds.

Description

What you'll do

•Maintain and improve the custody systems that hold validator keys, operational keys, and important objects for Mysten-run smart contracts and general on-chain operations, including key generation, storage, access controls, signing workflows, aggregation, rotation, and recovery procedures.
•Harden the signing path end-to-end: review and improve the code, infrastructure, and operational practices around how transactions are authorized, reviewed, and submitted on-chain.
•Build and improve anti-scam and anti-abuse tooling for the Sui ecosystem, detecting phishing sites, malicious dApps, drainer contracts, and other threats that target Sui users, and partnering with wallet ecosystem teams on mitigations.
•Conduct code and design reviews of components that interact with sensitive keys or handle on-chain assets, with a focus on cryptographic correctness, access control, and operational safety.
•Participate in investigation and response for security issues and incidents that touch custody or ecosystem abuse, and drive concrete fixes that prevent the same class of issue from recurring.

Conditions

•Employment is contingent upon the successful completion of a background check, which may include verification of employment history, education credentials, criminal history, and other relevant information.
•Our team is remote first and we are hiring across the world. Here at Mysten Labs, you’ll be joining a world-class team with tremendous growth potential as we bring the next billion users to web3.

Requirements

•3+ years of hands-on experience in security engineering, application security, or product security.
•Knowledge relevant to key management in production, for example HSMs, cloud KMS, MPC or threshold-signature systems, hardware wallets, or comparable custody infrastructure.
•Proficiency in one or more of: Rust, TypeScript, Python, or Move, and experience reviewing and writing security-sensitive code.
•Solid understanding of applied cryptography fundamentals and the common ways cryptographic systems are misused in practice.
•A builder mentality: comfortable operating with ambiguity, diving into unfamiliar codebases, and shipping the fix yourself rather than handing it off.
•Strong written and verbal communication: you can explain a finding or an issue clearly to the engineer who needs to fix it and to a non-technical stakeholder who needs to understand the risk.
•Interest in the web3 space is required; prior experience shipping in crypto, fintech, or other regulated/high-stakes environments is a plus.

Company Info

Mysten Labs

Web3, Crypto, Blockchain

Mysten Labs is a U.S.-based blockchain infrastructure company building scalable, high-performance systems for the decentralized internet. The company develops the Sui blockchain, a layer 1 network with high throughput and low latency, along with complementary technologies like the Move programming language, Seal for encrypted data access control, and Walrus for decentralized storage.

United States

50-200 employees

Founded 2021

Website

github twitter linkedin

AI Quality Score

6.0

out of 10

Tasks & KPI clarity8.0

Responsibilities are detailed and measurable, focusing on security tasks and outcomes.

Compensation clarity0.0

No salary range or payment terms are provided.

Stack & processes7.0

Technologies like Rust, TypeScript, and Python are mentioned, but operational processes are less defined.

Requirement logic9.0

Required experience and skills align well with the seniority expected for the role.

Company profile9.0

Company verified via external enrichment: Web3.

Red Flags

• no salary info

Loading similar jobs...