Senior Security Engineer

June 8

GRVT

Finance • Fintech • Crypto

GRVT is an innovative financial technology company that aims to revolutionize global finance through a next-generation marketplace built on blockchain. The company offers a user-friendly and scalable platform that blends centralized finance (CeFi) and decentralized finance (DeFi) to provide secure, self-custody trading of cryptocurrency derivatives, including perpetuals and options. GRVT prioritizes safety and compliance, providing a trusted, licensed decentralized exchange (DEX) experience without counterparty risk. With advanced features like portfolio margining, zero gas fees, and a lightning-fast order book capable of handling 600,000 trades per second, GRVT caters to both institutional and retail investors, enhancing their trading strategies and management with an intuitive, e-commerce-like user interface. GRVT also emphasizes privacy and security through multi-layered security measures and on-chain privacy solutions. The company actively engages with its community through an open beta testnet, reward programs, and educational content. Overall, GRVT aims to reshape financial markets into fully automated and trustless environments, providing a seamless, capital-efficient experience for all users.

11 - 50 employees

💰 $5M Seed Round on 2023-09

📋 Description

• You will join the GRVT Site Reliability Engineering (SRE) team, which operates across three tightly integrated verticals: DevSecOps (cloud infrastructure, incident response, platform stability), Test Engineering (end-to-end testing, regression pipelines, feature assurance), and Security Engineering (penetration testing, security advisory, security governance).
• The organization has the mandate of ensuring the end-to-end reliability of the GRVT platform, protecting our product's reliability, correctness, and security.
• This role is positioned within the Security vertical but works cross-functionally with the entire organization.
• Lead technical assurance activities across projects, including penetration testing, purple teaming, threat modeling, and architecture reviews—ensuring both new and existing systems maintain a high security baseline.
• Serve as the primary security expert within the SRE team, collaborating closely with Ops and QA engineers and wider teams to design practical, high-impact controls that enhance platform security without compromising delivery velocity.
• Build automation and internal tooling for security visibility, posture monitoring, and enforcement (e.g., secret scanning, anomaly detection, automated test harnesses).
• Monitor, triage, and lead response efforts for security incidents, coordinating across SRE and wider engineering teams.
• Establish and maintain security policies and controls aligned with both engineering best practices and regulatory obligations.
• Educate and empower developers and engineers with actionable guidance, secure coding practices, and feedback cycles—reducing the likelihood of vulnerabilities during development.

🎯 Requirements

• Strong Information Security (InfoSec) background (5 years+), with proven experience in application security across both traditional web stacks and blockchain-based systems.
• Expert knowledge of web application security, including deep familiarity with the OWASP Top 10, to assess and defend GRVT’s off-chain services against common web-based threats.
• Python proficiency: experience building security engineering tools such as automated API security testers, custom static analyzers, or CI/CD-integrated scanners for secrets, misconfigurations, and insecure patterns.
• Proficiency in security testing tools, such as SAST (e.g., SonarQube, Checkmarx, GoSec) and DAST (e.g., OWASP ZAP, Burp Suite).
• Demonstrated ability to quickly understand and analyze unfamiliar codebases, enabling effective secure code review across diverse systems—including web services, infrastructure components, and smart contracts.
• Experience conducting threat modeling exercises, or a strong grasp of threat modeling methodologies to evaluate project risk at the design and implementation levels.
• Smart contract auditing experience, with familiarity in identifying common vulnerabilities in decentralized applications and blockchain systems.
• Bug bounty program experience, either as a seasoned researcher or by managing an organization’s program.
• Experience with cloud infrastructure (e.g., AWS, GCP).
• Understanding of container security and DevSecOps principles, with practical experience integrating security into CI/CD pipelines.
