Security Engineer - Secure the Future of Ethereum Scaling
About OP Labs & The Optimism Collective
We're on a mission to scale Ethereum's technology and values, tackling some of humanity's most pressing coordination challenges. As a core contributor to the Optimism protocol, we're building a groundbreaking solution that dramatically improves Ethereum's performance and scalability while remaining true to its core principles.
The Optimism Collective is leading the charge in shaping a scalable and sustainable blockchain ecosystem. We're deeply committed to aligning private incentives with the public good, creating a resilient future for the internet and pushing boundaries in Gaming, DeFi, NFTs, and Enterprise applications. Our work is open source (under an MIT license) because we believe in the power of collaborative innovation.
The Opportunity: Be a Guardian of the OP Stack
As a Security Engineer, you'll play a pivotal role in safeguarding the OP Stack, the very foundation of Optimism's scaling solution. You'll be a proactive force, identifying and mitigating vulnerabilities and threats through rigorous security assessments, threat modeling, design reviews, and code audits. You'll work hand-in-hand with engineers across the stack to integrate security best practices into every stage of development, ensuring we ship code safely and efficiently. We are an engineering-first company and take security very seriously; you will have our full support to make a lasting impact.
What You'll Do:
Conduct comprehensive security assessments, audits, threat modeling, and red team exercises across the stack.
Develop and enforce secure coding standards, guidelines, and policies.
Build and enhance our detection and response capabilities, including monitoring, alerting, runbooks, and incident response workflows.
Design and maintain secure multisig operational processes, including signer selection, access controls, and key management.
Champion a security-first culture by educating and mentoring engineers on security practices.
What You Bring to the Table:
Deep expertise in identifying, understanding, and mitigating security vulnerabilities through threat modeling, security assessments, security reviews, audits, and red teaming.
Proven experience building and operating robust detection and response capabilities, including monitoring, alerting, and incident handling.
Solid understanding of best practices for operational security of multisigs, including signer management, access controls, and secure workflows.
Experience shipping safety-critical code in a fast-paced, dynamic environment.
High degree of ownership and initiative: you'll identify security gaps, prioritize them effectively, and drive solutions across the organization.
Exceptional analytical, problem-solving, and communication skills, with the ability to clearly articulate complex security risks and solutions.
Why You'll Love Working With Us:
We invest in our team: Enjoy competitive compensation, fully paid medical, dental, and vision coverage, and a 4% 401K match. Learn more about our benefits, culture, and recruiting FAQs here.
We celebrate success: We're proud of our teammates and support each other in achieving career-defining work.
We embrace diversity: Our team comprises individuals from diverse backgrounds, and we value the unique perspectives each person brings.
We're remote-first: We are a fully remote team that is deeply engaged, highly skilled, and knows how to have fun.
We're building for the long term: Our founders have been scaling Ethereum since 2015, and we're committed to building a sustainable future for the ecosystem.