About Firefly

• We’re building cutting-edge, decentralized exchange infrastructure in our vision to advance derivatives trading, the largest market by trading volume
• Firefly is partnered with the industry’s leading market makers and has raised a 22.8 million fund to build a hyper liquid, powerful and secure exchange
• Firefly is backed by Polychain Capital, Three Arrows Capital, Cumberland DRW and many other leading investors

Our Culture

We are a team of doers that trust each other and value kindness. Our shared passion for learning and relentless drive to make everything better bring us together. We love what we do and are constantly trying new things with a bias to action and healthy debate. Although we’re a remote-first team, we love to work together just as much and offer multiple co-location hubs throughout the year.

Why others are attracted to this position

1. The Driver’s Seat: this role gives substantial ownership in the development of our core product. We trust you to make important decisions that affect product performance and impact overall product strategy
2. Rapid Growth: you will be part of a fast scaling team building the next generation of financial infrastructure. You would have an accelerated path to leadership solving the most novel problems in the industry
3. Optional Firefly Hubs: you have the option to work alongside other team members in a city that the team chooses for 3 months. In the past, we’ve worked together out of Toronto and London
4. Holistic Development: it’s not only about getting work done at Firefly. We care about each team member’s overall development goals and go beyond just regular training and coaching - whether that’s assistance in opening an animal shelter or organizing personalized music lessons

What you will do

• You will become the primary security expert for multiple product lines, and act as the point of contact for engineering and security.
• Create threat models to Identify and deploy cybersecurity measures by continuously performing vulnerability assessment and risk management.
• Build and integrate monitoring tools to detect abnormal or malicious behavior
• Identify and implement tools, processes, and workflows to find vulnerabilities earlier in the product life cycle (SAST, DAST)
• Perform and document architectural security assessments and threat modeling in the interactions between the back-end and the smart contracts
• Investigate technical innovations in the space such as zero-knowledge proofs and bleeding-edge blockchain protocols
• Be a steward of the engineering culture at Firefly, coaching and mentoring engineers and participating in code & architectural reviews

The Security Engineer will be responsible for integrating security into the development of applications. The engineer will work closely with Firefly’s Product and software development teams to threat model, vulnerability scan and penetration test the early software, system and architecture while identifying the required control points in the application stack. The engineer will also closely work with developers to diagnose, document and remediate security vulnerabilities. The engineer will also be responsible for evaluating, recommending and implementing security-related software on the SDLC. Further, the engineer must be comfortable leading and training developers in secure best practices.

What you will bring

• 4+ years of professional security engineering experience
• A passion for solving challenging problems
• Experience building Security technologies that enable the business
• Strong Technical background in any of the following: Product Security, Infrastructure Security or Blockchain Security
• Strong working knowledge of modern secure software development processes and tools (JIRA, Burp, Confluence, SAST, DAST, CI/CD).
• Excitement to work at a fast-paced startup building software that supports a few hundred million dollars of trade volume each day, across dozens of markets and thousands of traders

What we offer

• Competitive salary and equity
• Employee-friendly equity terms (early exercise, extended exercise)
• Annual ski trips, events, and travel
• Company paid co-working space/desk at an office
• Company paid lunch and coffee during work days
• Work remotely or any of the Firefly Hubs for 3 months
• Health, Dental & Vision Insurance in US (stipend if remote)
• Take as much time off as you need to be productive
• Parental leave
• Stipend to set up your home office (4k display, desk, chair etc.)
• Latest productivity software like Notion and Linear