Security Engineer

🕒 April 13

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Startale Group

WebsiteLinkedInAll Job Openings

51 - 200 employees

Founded 2019

₿ Crypto

🌐 Web 3

💳 Fintech

💰 $3.5M Seed on 2024-03

Crypto • Web 3 • Fintech

<Startale Group> is a blockchain-focused technology company building an integrated web3 ecosystem that includes Soneium (a creator platform), Strium (a Layer-1 blockchain for tokenized securities and RWAs), Startale App (an all-in-one superapp), and Startale USD, a compliant stablecoin. The company develops developer tools, an Ethereum L2, and partners with institutional firms to enable on-chain real-world assets, payments, and digital economy experiences.

📋 Description

• Conduct hands-on security testing of our applications, APIs, and infrastructure. Simulate real attack scenarios against our products. Find the vulnerabilities before external attackers or whitehat researchers do. Work with engineers to fix issues pragmatically. • Build threat models for new services and features — especially Strium's trading engine, order book, and transaction flows. Identify attack surfaces, model adversary behavior, and define what needs to be hardened before launch. • Own the end-to-end lifecycle of findings — from discovery through severity assessment, developer-facing write-ups, remediation guidance, and verification of fixes. Coordinate with engineers so issues actually get closed. • Manage incoming whitehat reports, validate findings by reproducing them, assess severity, communicate with researchers. • Assess technical risks of new AI tools adopted by engineering (data exfiltration, prompt injection, training-on-input), maintain security baselines for AI coding tools and review AI-powered internal tools.

🎯 Requirements

• 5+ years of hands-on experience with a focus on application security, penetration testing, or product security. • Demonstrated ability to find vulnerabilities — through manual testing, architecture and/or code review, or creative attack simulation. You should be able to describe specific bugs you've found and how you found them. • Practical experience with exchange or trading platform security — from a DEX (preferred) or DeFi protocol. You should understand order book mechanics, transaction flows, wallet security, and the threat landscape specific to trading infrastructure. • Scripting and automation ability — you write tools and automate to scale security across the stack, not just audit and write reports. • Experience triaging vulnerabilities and writing clear, actionable remediation guidance for developers. • Strong written communication in English — you'll write tickets, assessment reports and researcher responses.

🏖️ Benefits

• Startale's products handle user funds and on-chain transactions so security work has tangible impact. • Owning the security posture of a project at scale and complexity such as Strium is an opportunity for professional growth. • You will have direct influence over how product security is built across the organization. • Focus is on driving product security and not on maintaining compliance documentation. • Our team is backed by and partnering with leading Japanese enterprises so you will have a chance to work in a stable and well-funded company but with the autonomy and speed of a small team.