Search...

Security Engineer

Arbitrum logo
Arbitrum

Arbitrum is a finance-native blockchain platform providing enterprise-grade infrastructure for applications, tokenization, and dedicated blockchain environments. It serves finance, consumer, and gaming applications, enabling developers and companies to build apps or launch their own chains with near-instant speed, low costs, and Ethereum-grade security.

Distributed
About Arbitrum

Arbitrum positions itself as the enterprise-grade infrastructure for global finance, consumer, and gaming applications onchain. It offers a flexible platform allowing users to either build an app on Arbitrum One (using Solidity or Stylus, which supports Rust, C, and C++) or launch a fully customizable dedicated chain with configurable gas tokens, governance, access controls, and privacy. The platform emphasizes performance, confidentiality, customization, and compliance for institutional and blockchain-native developers alike. Arbitrum's ecosystem hosts hundreds of finance, consumer, and gaming applications, including major DeFi protocols like Aave, Pendle, GMX, Morpho, and Uniswap, as well as consumer and gaming projects such as The Beacon, Otherside, Wildcard, and Golden Tides. Clients and partners range from institutional finance players (e.g., Robinhood) to Web3-native consumer apps and game studios, reflecting its focus on serving both enterprise-grade finance use cases and mass-adoption consumer/gaming experiences.

View jobs by Arbitrum

Skills

About the Role

You will play a key role in defining and improving our cloud security posture and collaborate across teams to ensure that operations are secure, compliant, and aligned with regulatory and industry best practices such as SOC2. You'll leverage your cloud security expertise to design and harden secure infrastructure, automate controls, and help shape the company's information security governance program.

Requirements

  • 5+ years of experience in a security engineering role
  • Mastery of cloud infrastructure, particularly AWS
  • Prior experience focusing on infrastructure security and Kubernetes
  • Familiarity with secret management tools like Vault or KMS
  • Strong understanding of core information security concepts and major regulatory frameworks/standards (e.g. SOC2, ISO 27001, NIST CSF)
  • Experience conducting security design reviews, threat modelling, and security testing
  • Excellent written and verbal communication skills

Responsibilities

  • Design, implement, and improve secure cloud-native architectures and CI/CD pipelines
  • Identify risks, enforce best practices, and harden systems across the technology stack
  • Automate security controls and educate developers for future-proofing against vulnerabilities
  • Design and evolve information security governance and compliance program through policies, standards, procedures, and awareness
  • Work closely with engineering, infrastructure, and product teams to align controls with business objectives and technical realities

Benefits

  • Remote-first global workforce + NY office
  • Annual company offsite + team onsites
  • Professional reimbursement program (facilitates industry conference attendance, certifications, and more)
  • Medical, dental & vision coverage (US + some other countries)
  • 401k retirement plan + company match (US only)
  • Wellness stipend
  • Home office set up / ergonomic equipment program