Offensive Security Engineer, Web3 Full-time • Remote (US)Compensation: $152K - $179K base + 5% cash bonus (depending on location zone) Equity: Annual target $75K Work Type: Remote (United States) Visa Sponsorship: Available with additional executive approval for transfers About the Role We are seeking an experienced L4 Offensive Security Engineer with deep expertise in Web3 penetration testing and bug bounty program management. You'll partner with the Bug Bounty Program Lead to manage triage, validation, and strategy for our Web3 bug bounty program. In this role, you'll collaborate with whitehat hackers, security engineers, and product teams to enhance the security of blockchain-based products and services. What You'll Do
- Perform penetration tests on Web3 technologies including smart contracts, DeFi protocols, and blockchain infrastructure.
- Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments.
- Manage the bug bounty program lifecycle: scope updates, researcher engagement, payouts.
- Develop strategies to increase program maturity and hacker engagement.
- Analyze bug bounty data to identify trends and recurring vulnerabilities.
- Collaborate with engineering teams to prioritize and remediate security issues.
- Mentor junior engineers on Web3 security testing and triage practices.
- Stay up to date with emerging Web3 security trends, advisories, and research.
- Provide on-call support for critical bug bounty-related incidents.
What We're Looking For
- Bachelor's or Master's in Computer Science, Cybersecurity, or related field.
- 3+ years of Web3 security or penetration testing experience.
- Strong track record of finding critical blockchain vulnerabilities (L1/L2, DeFi, staking).
- Solid grounding in Web2 security concepts (OWASP Top 10, SANS Top 25).
- Strong analytical skills for identifying vulnerability patterns.
- Excellent communication and collaboration skills.
- Self-driven, passionate about security, and continuously learning in the crypto space.
Nice to Haves
- Active participation in CTFs, bug bounties, or open-source research.
- Relevant security certifications (OSCP, GPEN).
- Experience building custom security tooling for bug bounty triage.
- Prior hands-on experience in AppSec, Network Security, or Cloud Security.
Benefits
- Medical, Dental & Vision Plans with generous company contributions
- Health Savings Account (with employer contributions)
- Disability & Life Insurance
- 401(k) with company match
- Paid Time Off, Volunteer Time Off, & Leave Programs
- Fertility counseling & family planning support
- Monthly stipends for wellness, internet, and connections
- Option to receive pay in digital currency
Ready to take the next step? Apply now or email Jenn at ...@CareDynamicsFL.com to learn more.