Security Engineer

About the role:

Injective is seeking a Security Engineer to help strengthen and future-proof the security of our blockchain ecosystem and core infrastructure. This role blends hands-on security engineering with proactive research — you’ll identify and mitigate vulnerabilities, run offensive security campaigns, and help shape Injective’s reputation as one of the most secure ecosystems in Web3.

Responsibilities:

• Perform regular security reviews, penetration tests, and code audits across our chain modules, smart contracts, validator infrastructure, and supporting services.
• Hunt for new vulnerabilities through fuzzing, adversarial testing, and exploit development — at the protocol, network, and application layers.
• Develop internal tools to detect misconfigurations, suspicious activity, and chain-level edge-case exploits.
• Analyze emerging threats in other blockchains, rollups, bridges, or validator networks — assess Injective’s exposure, propose mitigations, and publish findings internally.
• Manage vulnerability scanning pipelines, patch management, and incident response processes.
• Audit internal systems and services (cloud accounts, access control, VPN, GitHub, secrets, endpoints, MDM, etc.) for best practice alignment
• Collaborate with core developers, validators, and external auditors to test, validate, and deploy security fixes.
• Contribute to our bug bounty program and coordinate with the security research community for responsible disclosure.
• Help define and enforce internal security policies, tooling, and education to raise baseline awareness

Who You Are

• 5+ years of experience in security engineering, offensive security, or protocol-level system audits
• Strong experience in security engineering for cloud-native or blockchain-based systems.
• Solid understanding of offensive security: vulnerability discovery, fuzzing, static/dynamic analysis.
• Strong pen-testing experience
• Experience working with or auditing blockchain protocols, validator setups, or smart contracts
• Hands-on experience securing distributed infrastructure (Linux, containers, Kubernetes, cloud networks).
• Familiarity with blockchain architectures (Cosmos SDK, Tendermint, IBC, EVM, CosmWasm, or cross-chain bridges).
• Proficiency in Go or Rust (protocols) is a must.
• Experience with Solidity/CosmWasm (smart contracts) is a plus
• Comfortable writing PoCs, threat models, or simple fuzzers to validate real-world risk.
• Self-driven, curious, and motivated to think like an attacker and design like a defender.

Bonus Points:

• Experience with Cosmos SDK, IBC, or Injective chain tooling
• Involvement in open-source security research, bug bounties, or CTFs

Why Work With Us:

• Work on high-impact security challenges at the forefront of decentralized finance
• Collaborate with a global team of protocol engineers, devops engineers, and Web3 pioneers
• Competitive compensation, generous token incentives, and flexible remote work