Junior Security Engineer

About Status

Status is the gateway to the decentralised web. We’re building the tools and infrastructure for the advancement of a secure, private, and open web3. With the high level goals of preserving the right to privacy, mitigating the risk of censorship, and promoting economic trade in a transparent, open manner, Status is building a community where anyone is welcome to join and contribute.

As an organization, Status seeks to push the web3 ecosystem forward through research, creation of developer tools, and support of the open source community. Our core application, currently in beta on Mobile and Desktop, is an open source, Ethereum-based app that gives users the power to chat, make payments and browse the decentralized web.

Who are we?

We're a remote team of made up of 60+ core-contributors and growing community of members scattered around the globe. We care deeply about open source software, and our organizational structure has minimal hierarchy and fixed work hours. We believe in working with a high degree of autonomy while supporting the organization's priorities.

The role:

As a Security Engineer at Status, you will work closely with everything and everyone at Status to ensure best practices are being upheld. Sometimes, you will define those best practices. You will often have the opportunity to research, develop, and evaluate bleeding edge tech for the purpose of strengthening the security and privacy stance of our products and organization. In some ways, it is your job to make your job as obsolete as possible. A Security Engineer at Status will touch on a broad array of challenges and topics that fall under the scope of Security, so you must be able to continuously adapt and learn.

The anticipated salary range for this role is $50,000 - $70,000 USD (paid in local currency, or crypto, and dependent on experience & location).

Responsibilities:

• Operational Security:
  • Managing bug bounty programs.
  • Delivering and developing security awareness training.
  • Overseeing security monitoring activities.
• Security Procedures:
  • Defining, implementing and updating security policies.
  • Reporting breaches to the Security Compliance function.
• Secure SDLC:
  • Defining, deploying (CI/CD integration) and updating secure Software Development Life Cycle (SDLC).

Minimum qualifications:

• Passionate about blockchain technology and decentralisation.
• “Blue team” experience: security monitoring (e.g. SOC)
• Experience in managing large bug bounty programs (e.g HackerOne, Bugcrowd, etc.).
• Information security management framework expertise (e.g. ISO 2700x).
• Information security policies experience (design and deployment).
• Experience in managing large open source projects (with external contributors).
• SDLC experience (design, implementation and compliance).

Status is building the tools and infrastructure for the advancement of a secure, private, and open web3. As a product, Status is an open source, Ethereum-based app that gives users the power to chat, transact, and access a revolutionary world of DApps on the decentralized web. With the high level goals of preserving the right to privacy, mitigating the risk of censorship, and promoting economic trade in a transparent, open manner, Status is building a community where anyone is welcome to join and contribute.

As an organization, Status seeks to push the web3 ecosystem forward through research, creation of developer tools, and support of the open source community.

We're open source - you can contribute at https://github.com/status-im