Posted on Apr 12, 2020

Security Lead (Remote)

Business & Management San Francisco, CA, USA Full-time Remote

We seek an outstanding Security Lead to captain Protocol Labs’ security team and lay the foundations for a more resilient, secure, and decentralized version of the web.

Security at Protocol Labs
Security at Protocol Labs is not just about cryptography; it’s about responsibly shaping complex systems, and securing the way we work and interact with our community. We believe in an open-source approach to creation. With this comes a myriad of ways in which Protocol Labs interacts with the outside world, from running gateways to releasing products and publishing Open Source code. The security team at Protocol Labs shapes and executes our wider strategy for securing the way we work as a distributed team and how we proactively address future threats to the systems we build. All of this in an environment filled with curiosity, passion, and a love for open source.

As a Security Lead at Protocol Labs you will…

  • Review and shape our company OpSec practices, writing and enforcing security standards for our internal systems and data
  • Work with the infrastructure team on the security standards for both developer-facing and internal tooling
  • Manage relationships with external stakeholders, including red teams, penetration testers and auditors
  • Develop and coordinate Protocol Labs’ bug bounty programs and other ways to engage the community in developing secure systems
  • Champion different security perspectives within our product teams
  • Help shape our security organization, as it grows with Protocol Labs

You may be a fit for this role if you have...

  • Led a security team whose members have varied expertise
  • Infosec experience, developing and enforcing org policies around permissioning, incident response, data avoidance/retention policies, etc.
  • Deep experience with distributed networks and network security, working with infrastructure teams to assess their needs
  • Expertise hiring and interacting with auditors, pentesters, and experts outside your organization
  • Deep experience collaborating closely with software engineers, from design to development to production support and developer education
  • Familiarity and experience working with the Open Source community and bug bounties
  • Excellent written and verbal communication skills

Bonus points if...

  • You have shared your work (code, presentations, papers, blog, etc) with the world at large
  • You relish coordinating workflows across different teams inside an org
  • You can run a pre-image attack on SHA-2 with an abacus