Offensive Security Engineer, Assessments (Web3) at Jobgether
United States
Full Time


Start Date

Immediate

Expiry Date

22 Feb, 26

Salary

179300.0

Posted On

24 Nov, 25

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Offensive Security, Penetration Testing, Bug Bounty Programs, Web3 Security, Blockchain Technologies, DeFi Protocols, Smart Contracts, Analytical Skills, Problem-solving Skills, Communication Skills, Collaboration Skills, Programming, Python, Mentoring, Continuous Learning, Vulnerability Assessment

Industry

Internet Marketplace Platforms

Description
This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Offensive Security Engineer, Assessments (Web3) in United States.

This role provides the opportunity to strengthen security for blockchain-based products and Web3 applications through advanced penetration testing and bug bounty program management. You will work closely with cross-functional teams and whitehat researchers to identify, assess, and remediate vulnerabilities while shaping the overall security posture of Web3 systems. This position emphasizes hands-on offensive security, strategic program management, and collaboration across engineering and security teams. The ideal candidate combines deep technical expertise in Web3 security with excellent communication skills, a proactive mindset, and a passion for protecting decentralized technologies. You will thrive in a fast-paced, high-impact environment where your work directly influences the safety and integrity of digital assets and user trust.

Accountabilities:
Conduct comprehensive security assessments of Web3 products, including smart contracts, DeFi protocols, and blockchain infrastructure.
Lead bug bounty program triage, validation, and strategic initiatives to enhance efficiency, maturity, and hacker engagement.
Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through assessments and bug bounty submissions.
Stay informed on emerging Web3 security trends, advisories, and research to continuously improve testing strategies.
Mentor and train junior security engineers in penetration testing and bug bounty analysis.
Develop and implement strategies to incentivize high-quality bug bounty submissions and maintain researcher engagement.
Analyze bug bounty and vulnerability data to identify trends, recurring issues, and opportunities for process improvement.
Document and report on bug bounty metrics, program effectiveness, and security assessments.

Requirements:
Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Software Engineering, or related field.
3+ years of experience in Web3 application security, penetration testing, and bug bounty programs.
Strong understanding of blockchain technologies, including L1/L2 networks, DeFi protocols, and staking mechanisms.
Knowledge of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25).
Hands-on experience applying programming concepts in penetration testing, preferably using Python.
Excellent analytical and problem-solving skills, with a proactive approach to identifying security risks.
Strong communication and collaboration skills to work with both technical and non-technical stakeholders.
Passion for continuous learning and staying current in the rapidly evolving Web3 security space.
Ability to work independently, take ownership of initiatives, and handle high-pressure situations effectively.
Nice-to-have: security certifications (OSCP, GPEN), CTF or bug bounty participation, cloud or application security expertise, and experience building security tooling.

Benefits:
Competitive salary range: $152,405–$179,300 USD (location dependent).
Eligibility for performance bonuses and equity grants.
Flexible work arrangements with remote-first options and support for team offsites.
Access to cutting-edge Web3 technologies and security tools.
Professional growth and learning opportunities within a high-impact security team.
Collaborative, mission-driven, and inclusive work environment.

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching. When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.

🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
📊 It compares your profile to the job’s core requirements and past success factors to determine your match score.
🎯 Based on this analysis, we automatically shortlist the three candidates with the highest match to the role.
🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.

The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role. Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.

Thank you for your interest!

Responsibilities
Conduct comprehensive security assessments of Web3 products and lead bug bounty program management. Collaborate with engineering teams to prioritize and remediate vulnerabilities while mentoring junior security engineers.