TalentProfile
Back to Jobs
United States or Canada Employment USD 169,150 - 195,000 Yearly

Paxos is hiring an Application Security Engineer

About the Role

Paxos is looking for an Application Security Engineer to become a key guardian of our financial and blockchain ecosystem. You will ensure that the code we ship and run is secure by design. At Paxos, we are on a mission to open the world’s financial system to everyone by enabling the instant movement of any asset, any time, in a trustworthy way.

What You'll Do

  • Perform deep-dive security reviews of web applications, APIs, and cloud infrastructure.
  • Develop security-focused tools and libraries in Go, Java, or Ruby to assist developers in writing secure code.
  • Support our blockchain initiatives by identifying risks in L1/L2 integrations and smart contract interactions.
  • Manage and tune Web Application Firewalls (WAF) and cloud-native security controls.
  • Contribute to the security culture through developer training and participating in incident response when necessary.
  • Build and maintain the tooling that integrates security into our development lifecycle, moving from manual reviews to automated, scalable guardrails.
  • Partner with engineering teams during the design phase of new features (Threat Modeling) to identify risks before a single line of code is written.
  • Manage the end-to-end lifecycle of vulnerabilities, from discovery via internal audits or Bug Bounties to collaborating with engineers on 'gold-standard' remediations.

What We're Looking For

  • Proven ability to perform deep-dive manual security testing while also securing production-quality code.
  • Expert-level knowledge of OWASP Top 10, CWE, and API security vulnerabilities.
  • Experience building and scaling security checks directly into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins).
  • Working knowledge of AWS/GCP security configurations, particularly IAM, VPCs, and WAF management.

Nice to Have

  • Proficiency in Go, Java, or Ruby.

Technical Stack

  • Languages: Go, Java, Ruby
  • Cloud: AWS, GCP

Team & Environment

The Security team is a specialized, deeply technical, and vigilant group tasked with protecting our digital assets, customer funds, and sensitive data against a sophisticated threat landscape.

Required Skills
Application SecurityManual Security TestingOWASP Top 10CWEAPI SecurityCI/CD SecurityAWS IAMGCP IAMAWS VPCCloud WAFGoJavaRubyAWSGCP
Ready to relocate and code from paradise?

Thailand or Vietnam — your office, your rules

Iglu offers relocation to Bangkok, Chiang Mai, Ho Chi Minh City, or Hong Kong. Full employment, legal setup, and a community of 200+ digital professionals.

Relocation to 5 countries
Full legal work setup
Developer community access
Work-life balance culture
Explore locations
Relocation support included
About company
Paxos

Paxos rebuilds financial infrastructure to open the world's financial system to everyone. For over a decade, we’ve built blockchain infrastructure that tokenizes, custodies, trades and settles assets for the world’s leading financial institutions, like Mastercard, Visa, Robinhood, and PayPal.

Visit website
Job Details
Department Information Technology
Category security
Posted 14 days ago

Similar Jobs

Other opportunities you might be interested in

Jabil

Principle Security Engineer

Jabil

Sanchong, Taiwan, Taiwan
Roke

Cyber Software Engineer

Roke

Romsey, Hampshire, United Kingdom On-site
Advanced Micro Devices, Inc

Platform Security Engineer

Advanced Micro Devices, Inc

Ontario, Canada Hybrid
Axon

Senior Product Security Engineer II

Axon

Atlanta or Boston or Scottsdale or Seattle Hybrid
Booz Allen Hamilton

Cybersecurity Hardware Engineer

Booz Allen Hamilton

Rome, New York, United States Hybrid
EndoSec LLC

Hardware Security Analyst

EndoSec LLC

Colorado Springs, Colorado, United States Remote (Global)