Injective Labs
Security Engineer
Injective Labs - New York, New York, us, 10261
Work at Injective Labs
Overview
- View job
Overview
About the role:
Injective is seeking a
Security Engineer
to help strengthen and future-proof the security of our blockchain ecosystem and core infrastructure. This role blends hands-on security engineering with proactive research - you'll identify and mitigate vulnerabilities, run offensive security campaigns, and help shape Injective's reputation as one of the most secure ecosystems in Web3.
Responsibilities: Perform regular security reviews, penetration tests, and code audits across our chain modules, smart contracts, validator infrastructure, and supporting services. Hunt for new vulnerabilities through fuzzing, adversarial testing, and exploit development - at the protocol, network, and application layers. Develop internal tools to detect misconfigurations, suspicious activity, and chain-level edge-case exploits. Analyze emerging threats in other blockchains, rollups, bridges, or validator networks - assess Injective's exposure, propose mitigations, and publish findings internally. Manage vulnerability scanning pipelines, patch management, and incident response processes. Audit internal systems and services (cloud accounts, access control, VPN, GitHub, secrets, endpoints, MDM, etc.) for best practice alignment Collaborate with core developers, validators, and external auditors to test, validate, and deploy security fixes. Contribute to our bug bounty program and coordinate with the security research community for responsible disclosure. Help define and enforce internal security policies, tooling, and education to raise baseline awareness Who You Are
5+ years of experience in security engineering, offensive security, or protocol-level system audits Strong experience in security engineering for cloud-native or blockchain-based systems. Solid understanding of offensive security: vulnerability discovery, fuzzing, static/dynamic analysis. Experience working with or auditing blockchain protocols, validator setups, or smart contracts Hands-on experience securing distributed infrastructure (Linux, containers, Kubernetes, cloud networks). Familiarity with blockchain architectures (Cosmos SDK, Tendermint, IBC, EVM, CosmWasm, or cross-chain bridges). Proficiency in Go or Rust (protocols) or Solidity/CosmWasm (smart contracts) is a plus. Comfortable writing PoCs, threat models, or simple fuzzers to validate real-world risk. Self-driven, curious, and motivated to think like an attacker and design like a defender. Bonus Points: Experience with Cosmos SDK, IBC, or Injective chain tooling Involvement in open-source security research, bug bounties, or CTFs Why Work With Us: Work on high-impact security challenges at the forefront of decentralized finance Collaborate with a global team of protocol engineers, devops engineers, and Web3 pioneers Competitive compensation, generous token incentives, and flexible remote work
Injective is seeking a
Security Engineer
to help strengthen and future-proof the security of our blockchain ecosystem and core infrastructure. This role blends hands-on security engineering with proactive research - you'll identify and mitigate vulnerabilities, run offensive security campaigns, and help shape Injective's reputation as one of the most secure ecosystems in Web3.
Responsibilities: Perform regular security reviews, penetration tests, and code audits across our chain modules, smart contracts, validator infrastructure, and supporting services. Hunt for new vulnerabilities through fuzzing, adversarial testing, and exploit development - at the protocol, network, and application layers. Develop internal tools to detect misconfigurations, suspicious activity, and chain-level edge-case exploits. Analyze emerging threats in other blockchains, rollups, bridges, or validator networks - assess Injective's exposure, propose mitigations, and publish findings internally. Manage vulnerability scanning pipelines, patch management, and incident response processes. Audit internal systems and services (cloud accounts, access control, VPN, GitHub, secrets, endpoints, MDM, etc.) for best practice alignment Collaborate with core developers, validators, and external auditors to test, validate, and deploy security fixes. Contribute to our bug bounty program and coordinate with the security research community for responsible disclosure. Help define and enforce internal security policies, tooling, and education to raise baseline awareness Who You Are
5+ years of experience in security engineering, offensive security, or protocol-level system audits Strong experience in security engineering for cloud-native or blockchain-based systems. Solid understanding of offensive security: vulnerability discovery, fuzzing, static/dynamic analysis. Experience working with or auditing blockchain protocols, validator setups, or smart contracts Hands-on experience securing distributed infrastructure (Linux, containers, Kubernetes, cloud networks). Familiarity with blockchain architectures (Cosmos SDK, Tendermint, IBC, EVM, CosmWasm, or cross-chain bridges). Proficiency in Go or Rust (protocols) or Solidity/CosmWasm (smart contracts) is a plus. Comfortable writing PoCs, threat models, or simple fuzzers to validate real-world risk. Self-driven, curious, and motivated to think like an attacker and design like a defender. Bonus Points: Experience with Cosmos SDK, IBC, or Injective chain tooling Involvement in open-source security research, bug bounties, or CTFs Why Work With Us: Work on high-impact security challenges at the forefront of decentralized finance Collaborate with a global team of protocol engineers, devops engineers, and Web3 pioneers Competitive compensation, generous token incentives, and flexible remote work