Application Security Engineer

The Role

• Secure Gensyn’s decentralized systems, tooling, protocols and services

Responsibilities

• Own and develop security posture, tools, and strategy for application-level systems: web apps, APIs, and Smart Contracts
• Perform threat modeling, architecture reviews and design reviews for new features, services and protocols
• Monitor and respond to application-level security incidents
• Stay abreast of emerging threats relevant to our stack and proactively apply mitigations
• Educate teams across the company on security best practices

Competencies

Must Have

• Deep hands-on application security experience in production Web3 environments
• Experience securing and monitoring crypto keys and safes
• Experience performing threat modeling, architecture risk assessments and application vulnerability management
• Deep understanding of web application and blockchain security
• Familiarity with cloud-native infrastructure/applications and ability to secure them end-to-end
• Strong ability to review and write secure code
• Excellent written and verbal communication
• Comfortable operating in a high-autonomy, high-velocity team

Preferred

• Familiarity with machine-learning infrastructure or distributed systems
• Experience with threat-hunting, adversary simulation, or advanced persistent-threat (APT) mitigation
• Open source security tooling contributions or public writing about application security

Nice to Have

• Familiarity with GPU/accelerator environments, large-scale model-training workflows, or supply-chain risks in ML/AI

Compensation / Benefits

• Competitive salary + share of equity and token pool
• Fully remote work- we currently hire between the West Coast (PT) and Central Europe (CET) time zones
• Visa sponsorship -available for those who would like to relocate to the US after being hired
• 3-4x all expenses paid company retreats around the world, per year
• Whatever equipment you need
• Paid sick leave and flexible vacation
• Company-sponsored health, vision, and dental insurance- including spouse/dependents [🇺🇸 only]

Our Principles

Autonomy & Independence

• Don’t ask for permission - we have a constraint culture, not a permission culture.
• Claim ownership of any work stream and set its goals/deadlines, rather than waiting to be assigned work or relying on job specs.
• Push & pull context on your work rather than waiting for information from others and assuming people know what you’re doing.
• Communicate to be understood rather than pushing out information and expecting others to work to understand it.
• Stay a small team - misalignment and politics scale super-linearly with team size. Small protocol teams rival much larger traditional teams.

Rejection of mediocrity & high performance

• Give direct feedback to everyone immediately - rather than avoiding unpopularity, expecting things to improve naturally, or trading short-term pain for extreme long-term pain.
• Embrace an extreme learning rate - rather than assuming limits to your ability / knowledge.
• Don’t quit - push to the final outcome, despite any barriers.
• Be anti-fragile - balance short-term risk for long-term outcomes.
• Reject waste - guard the company’s time, rather than wasting it in meetings without clear purpose/focus, or bikeshedding.