Lead Application Security Engineer, NodeJS/Frontend

Applicant Privacy Notice

Looking to join a world-class blockchain development team? Ava Labs makes it simple to deploy high-performance solutions for Web3, led by innovations on Avalanche. The company was founded by Cornell computer scientists, who partnered with Wall Street veterans and early Web3 leaders to execute a promising vision for redefining the way people build permissionless networks. Ava Labs is redefining the way people create value with Web3. Join us as we empower people to easily and freely digitize all the world’s assets on one open, programmable blockchain platform

We are looking for a Lead Application Security Engineer who has expertise on NodeJS and the Front-end to join the Security team. This specific role is focused on maintaining the security for our front-end teams and core products, inclusive of; Core, Custody, AvaCloud. If you're looking for a team that always designs with security and privacy in mind, then this could be the perfect match for you!

WHAT YOU WILL DO

• Work with frontend developers and product owners to ensure secure design and development of applications
• Lead and be the NodeJS/Javascript/Frontend technology security expert to the team and effectively communicate information to technical and non-technical team members
• Recognize security needs and recommend suitable technologies and controls
• Design and build security tools integrated with the CI/CD pipeline
• Provide technical security direction to frontend developers of the team
• Respond to security alerts
• Make risk assessments of new tools and security recommendations for their use

• 8+ years of experience working in security engineering, security experience in web3 preferred
• 2+ years in a start-up environment
• Experience in threat modeling system designs and implementation—how they scale, how they should fit together, and how they’re likely to break
• Experience in design reviews and conducting code reviews with an eye for security vulnerabilities
• In-depth technical knowledge of application security, with an emphasis on front-end, web application, and mobile security
• Track record of success with triaging findings from security tools, bug bounty programs, and the external research community
• Proficient in one or more programming languages (Node.js/Javascript, Golang experience also looked upon favorably)
• Ability to analyze and solve complex problems
• Thorough attention to detail and high organizational skills
• Passion for crypto/web3 and eagerness to consume latest news and developments, especially as it relates to web3 security
• Deep familiarity with the OWASP Top 10

Salary Range: $167,000 to $208,600

(**This is not a guarantee of compensation or salary, a final offer amount may vary based on factors including but not limited to experience and geographic location.)

#LI-Remote #LI-DS1

WHY AVA LABS?

If you've ever thought about joining an early stage Web3 company - this is it! We're a global, world-class team of experts in computer science, economics, finance, marketing, and law with offices in New York City and Miami. We're highly passionate about Web3 and redefining the way people build and use finance and decentralized applications of all kinds. The company received early-stage funding from Andreessen Horowitz, Initialized Capital, and Polychain Capital, with angel investments from Balaji Srinivasan and Naval Ravikant. Join us and be a pioneer in a new technology that will have implications across a range of verticals such as finance, gaming, investing, collectibles, among many others.

Ava Labs is committed to diversity in the workplace and we’re proud to be an Equal Opportunity Employer. We do not hire on basis of race, color, religion, creed, gender, national origin, citizenship, age, disability, veteran status, marital status, pregnancy, parental status, sex, gender expression or identity, sexual orientation, or any other basis protected by local, state or federal law. All employment is decided on the basis of qualifications, merit, and business need.