Security Protocol Enginee
Alpen is a platform for powering financial applications secured by Bitcoin, aiming to tap into the value of BTC.
Funding
About Alpen Labs
Alpen enables the development of financial applications on Bitcoin. It provides an EVM-compatible environment, allowing developers to build a wide range of financial apps for BTC. The platform settles all transactions directly on Bitcoin using a unique ZK rollup with an optimistic bridge architecture, which ensures that transactions inherit Bitcoin's security. Alpen's novel 1-of-N Bitcoin bridge aims to free users from custodial BTC finance and honest-majority BTC bridges, thereby improving safety.
Skills
About the Role
You will own security for protocol-layer components including L2, bridges, and custody systems. You will act as the final gatekeeper before code reaches main, lead threat modeling and design reviews, and plan mitigations. You will write critical patches, drive hardening, and maintain security CI tooling such as signature verification, SAST, fuzzing, and secrets scanning. You will review all protocol-relevant pull requests, enforce automated checks, run secure coding workshops, pair-program during critical sprints, and interface with auditors and bounty researchers to scope, triage, and fix issues. You will have the authority to block merges or deploys on security grounds and direct commit access for emergency fixes.
Requirements
- 5+ years in security engineering with hands-on software experience
- Strong background in Rust, Go or Solidity
- Deep knowledge of threat modeling and real-world exploit paths
- Experience owning or maintaining CI-based security automation
- Comfortable leading security efforts without direct organizational ownership
- Bonus: protocol-level blockchain experience, audits, bug bounties, or custody systems
Responsibilities
- Own security across protocol-layer components including L2, bridge and custody
- Act as the final gatekeeper before code is merged to main
- Lead threat modeling, design reviews, and mitigation planning
- Write critical patches and drive system hardening
- Maintain security CI tooling including signature verification, SAST, fuzzing and secrets scanning
- Review all protocol-relevant pull requests and enforce automated checks
- Run secure coding workshops and pair-program during critical sprints
- Interface with auditors and bounty researchers to scope, triage and fix issues
- Block merges or deploys on security grounds when necessary
- Perform emergency fixes with direct commit access
Benefits
- Fully remote work
- Flexible work hours across time zones
