Search...

Lead Security Engineer

Paxos Labs logo
Paxos Labs

Paxos Labs is the financial utility stack for digital assets, enabling platforms to embed yield, borrowing, and branded stablecoins into their user experience. It serves platforms and enterprises looking to activate and monetize digital assets natively, extending Paxos's regulated infrastructure onchain.

Distributed
About Paxos Labs

Paxos Labs provides a complete stack to activate digital asset utility and monetization on client platforms through three core modules: Mint (branded stablecoin issuance, allowing platforms to issue, manage, and scale fully backed branded stablecoins native to their ecosystem), Earn (embedded yield infrastructure enabling users to put idle assets to work and access savings rates on dollar and stablecoin balances), and Borrow (embedded, transparent, risk-controlled credit markets integrated directly into platforms). The company emphasizes full economic control for its clients—platforms keep the brand, user experience, and economics while Paxos Labs provides the infrastructure—along with institutional trust derived from Paxos's regulated digital asset infrastructure, and speed to market with integrations that can go live in weeks. Paxos Labs primarily serves platform businesses seeking to embed onchain financial products such as stablecoins, yield, and credit directly into their offerings, and is backed by investors including Blockchain Capital, Maelstrom, Robot Ventures, and Uniswap.

View jobs by Paxos Labs

Skills

About the Role

You will play a central role in elevating security across cloud infrastructure, operations, and smart contracts at a company building onchain financial products. You will conduct internal audits of cloud platforms, create threat models, and collaborate with infrastructure engineers to detect and prevent exploits. You will develop tooling and standard operating procedures for incident response, run periodic training simulating hacks and social engineering attacks, and work with technical and non-technical staff to secure human attack vectors. You will also partner with the smart contract team to audit and secure protocols, building full stack tools to detect malicious transactions, automate pauses across chains, define and monitor invariants, and integrate third party security software.

Requirements

  • Deep knowledge of cloud infrastructure and web2 security practices
  • Deep knowledge of cybersecurity standards and social engineering defenses
  • Experience building full stack applications
  • Deep knowledge of EVM security tooling, testing, and best practices
  • Deep knowledge of common hacks and exploits in DeFi protocols
  • Deep knowledge of financial attack vectors in DeFi protocols
  • Experience with CTFs, bugbounties, whitehat activities

Responsibilities

  • Conduct internal audits of cloud platform security (Azure, AWS)
  • Implement best practices around key management, network security, and monitoring
  • Create threat models for first party and third party software
  • Research possible vulnerabilities and patch them
  • Collaborate with infrastructure engineers to detect, fix, and prevent exploits by creating reusable tools and processes
  • Develop tooling and SOPs such as incident response manuals
  • Conduct periodic incident response training simulating hacks, alerts, and social engineering vectors
  • Collaborate with technical and non-technical staff to secure non-code related attack vectors
  • Collaborate with the Smart Contract team to conduct internal audits and set up secure operational practices
  • Build and deploy full stack tools for mitigating exploits and financial risks
  • Detect malicious transactions in the mempool and automate pauses across smart contracts deployed on multiple chains
  • Define invariants and detect violations in realtime
  • Integrate third party security software where necessary
Lead Security Engineer at Paxos Labs | JobStash