Web3 Jobs & Crypto Jobs Where crypto teams hire. Where builders get found.
The #1 crypto-native job board for web3 jobs, crypto jobs & blockchain vacancies. Every role in the ecosystem — dev, design, marketing & more. Remote-first at top protocols, DAOs & companies.
By using web3vacancy you agree to our Terms of Service and Privacy Policy.
Latest Crypto Job Vacancies
Join MoonPay as a Senior Security Engineer focusing on automation and vulnerability management. Drive security integration into CI/CD pipelines and enhance supply chain security while collaborating with engineering teams.
Our Product Security Squad is a dynamic blend of proactive defenders and inquisitive problem-solvers. We're dedicated to fortifying our systems through rigorous security reviews, hands-on penetration testing, and proactive threat modelling. We actively manage our Bug Bounty program, ensuring swift response and remediation, and leverage cutting-edge tools like Cloudflare's WAF to build robust defenses. We offer an extensive number of security services to our Engineering teams including cloud security, tailored security advice, threat modelling and penetration testing. Collaboration is key, as we embed security best practices throughout the SDLC. Crucially, we are expanding our capabilities in security automation and vulnerability management, integrating tooling directly into development workflows and driving efficient vulnerability resolution across the organization. We are constantly researching emerging threats, crafting effective mitigation strategies, empowering our engineering teams with comprehensive training, maintaining up-to-date security standards, and leading incident response with precision. We are passionate about fostering a secure environment and contributing to the wider security community.
- Design, implement, and manage the integration of security tooling (SAST, DAST, SCA, Secrets Scanning) into our CI/CD pipelines.
- Develop and maintain automation scripts and platforms to streamline security processes and workflows.
- Own and operate the end-to-end vulnerability management lifecycle: identification, triage, prioritization, distribution, tracking, and reporting.
- Collaborate closely with engineering teams to ensure timely remediation of identified vulnerabilities and provide guidance on secure coding practices.
- Drive the adoption and implementation of the SLSA framework to enhance supply chain security.
- Continuously evaluate and improve existing security automation and vulnerability management workflows, bringing innovation and ownership to the process.
- Research emerging threats and vulnerabilities, particularly those relevant to our tech stack and development practices, translating findings into actionable detection or prevention mechanisms.
- Develop and maintain documentation for security automation tools, processes, and vulnerability management procedures.
- Assist in triaging and validating findings from various sources, including automated scanners, penetration tests, and bug bounty programs.
- Contribute to security training materials focused on secure development practices and the tools you implement.
- Support incident response activities, particularly where automation or vulnerability data can aid investigation and remediation.
- Champion and execute the security team's automation strategy for cross-functional needs, actively seeking and implementing automation opportunities based on team feedback.
- Solid background in software development with demonstrable experience, ideally using languages common in backend or infrastructure development (e.g., Go, Python, Node.js).
- Strong passion for cybersecurity and keen to focus your career on security automation and vulnerability management.
- Understanding of security tools like SAST, DAST, SCA, and secrets scanning solutions within a CI/CD environment (here at MoonPay we use Github).
- Understanding of the principles of vulnerability management, including prioritization frameworks (e.g., CVSS) and remediation tracking.
- Familiarity with the concepts and goals of the SLSA framework or similar supply chain security initiatives.
- Excellent collaboration skills with technical teams, explaining security concepts and tooling requirements clearly.
- Strong analytical and problem-solving skills, with an ability to identify inefficiencies and propose automated solutions.
- Self-motivated, innovative, take ownership of your work, and can operate effectively in a remote, fast-paced environment.
- Experience working in disruptive technology, FinTech, SaaS, or Crypto sectors is a plus.
- Familiarity with cloud security principles (AWS, GCP) is beneficial.
- Deep understanding of GitHub's functionalities, including advanced features, security settings, and API capabilities.
- Strong administrative skills in managing and maintaining GitHub Enterprise environments, including user access, repository management, and organization settings.
- Familiarity with GitHub Actions for workflow automation and security enforcement.
- Salary: $209,664 - $220,699 a year.
- Full-time employment.
- Opportunity to work in a dynamic and innovative environment.
3 DeFi teams messaged me in 5 days
AI profile matched me perfectly
2 interviews in my first week
Hired in 9 days, no cold apps
Best web3 board, period
3 DeFi teams messaged me in 5 days
AI profile matched me perfectly
2 interviews in my first week
Hired in 9 days, no cold apps
Best web3 board, period
CV to offer in 11 days
DAO found me, not the other way
Passive search actually works here
Got 5 messages in first week
Only board I recommend now
CV to offer in 11 days
DAO found me, not the other way
Passive search actually works here
Got 5 messages in first week
Only board I recommend now
