Pagoda is a technology services firm dedicated to developing core components for the NEAR Ecosystem. We believe that re-inventing how software is made and distributed is our greatest opportunity to open economic access to those who are not fully integrated into the global economy. Our products empower people to find opportunity, invent new experiences, and collaborate. Let's build an Open Web world. A world where people control their assets, data, and power of governance.
Pagoda's growing security team seeks an Application Security Engineer to help us enhance the security of our cutting-edge blockchain applications. Partnering closely with our engineering and product teams, you'll play a vital role in applying your security expertise throughout the software development lifecycle.
- Work alongside engineers to integrate security best practices into design reviews, threat modeling, code reviews, and penetration testing.
- Participate in secure code review and penetration testing efforts, honing your skills with hands-on experience under the guidance of senior team members.
- Contribute to deep-dive security reviews of our web, mobile, and API products to ensure they adhere to secure design principles.
- Participate in security training and share your learnings with the broader engineering team to foster a culture of security awareness.
- Assist in incident response to gain valuable real-world experience and help protect Pagoda's systems and data.
- Gain exposure to SAST/DAST tools (Snyk, Stackhawk), bug bounty analysis, and risk assessment, building a foundation for future growth.
- 5+ years of experience in application security or a related field, with a passion for learning and growing your skillset.
- A solid understanding of security fundamentals and common vulnerabilities (e.g., XSS, CSRF, SQL Injection).
- A knack for identifying potential risks and collaborating with engineers to find effective solutions.
- The ability to effectively communicate security concepts to both technical and non-technical audiences.
- A collaborative mindset and a willingness to learn from and teach others
- Familiarity with one or more programming languages (Python, JavaScript, Rust) to aid in code review and vulnerability analysis.
- An interest in blockchain technology and a desire to contribute to the security of the Web3 ecosystem.
Our interviews take place via Zoom and typically consists of the following stages:
- Recruiter Call
- Hiring Manager Call
- 1st Round
- Bug Bounty Interview
- Technical Assessment with Engineering
- Final Round
- Meet with CTO
- Pagoda Values Interview
The base salary range for this role is $153,000 - $170,000. This reflects the minimum and maximum range across all US locations. This does not include bonus, incentives, or benefits.
The actual base pay is dependent upon many factors, such as: leveling, relevant skills, and work location. If you are based outside of the US, there are other geographic considerations that may impact your final compensation. Your recruiter can share more about the compensation and benefits applicable to your preferred location during the hiring process.
- Encouraged 20 days of flexible PTO per year, plus your local holidays
- Wellness weeks – 2 weeks of paid company-wide closures
- 100% Paid medical, dental and vision, AD&D and life insurance for US employees, including 85% coverage for dependents, and HSA + FSA options; For non-US employees, 100% Paid private medical coverage available at the highest tiered plan
- Access to licensed therapists and mental health resources through Spill, 100% confidential and paid by Pagoda; plus $75 monthly reimbursement for wellness
- Generous parental leave options; All employees have access to $10,000 in fertility assistance through Carrot
- For US employees, 401(k) retirement plan available (no match)
- Annual company retreats and team offsites (2023 was in Spain; 2022 in Portugal)
- $2,000 Continued Education Reimbursement
- $2,000 Home Office Reimbursement
- Co-working Space Reimbursement
Our values express our company culture. Learn more on our careers page.
What We Do
Near Inc is building NEAR, a new application platform designed to bring blockchain to wide variety of mainstream applications. Focusing on developer and end user experience, NEAR is high performance infrastructure that real people can use.
