Web Application Security Engineer

San Francisco
Engineering
Full Time Employee
TrustToken is creating a more efficient and inclusive global financial system by digitizing assets that can be seamlessly and securely exchanged across markets worldwide.

In this role you'll be protecting some of the world's top crypto hedge funds, financial institutions, and traders from around the globe. This app is one of the main ways consumers interact with us as a company and brand, and so trust is paramount.

Responsibilities:

    • Oversee the security of our TrueUSD web application
    • Manage private key security/crypto security
    • Smart contract security
    • Managing security audits of our smart contracts and web application
    • Threat modeling and risk assessment
    • Operational / company security
    • Managing & controlling risks from external vendors

Requirements:

    • Experience securing web applications (including XSS, CSRF, 2FA/MFA, SSL, JWTs, SQL injection)
    • Knowledge of crypto and private key security (including smart contracts, multi-sig wallets, HW wallets, key splitting)
    • You love being the most paranoid person on the team
    • You should be sufficiently comfortable with full-stack web development to take a web application and secure it, without having to rely on other developers

Bonus Points For:

    • Blockchain experience
    • Experience building or managing fintech products

Our Tech Stack:

    • React
    • GraphQL
    • Apollo Client
    • Node
    • Express
    • Postgres
    • Heroku
    • Python
About TrustToken
TrustToken is creating a more efficient and inclusive global financial system by digitizing assets that can be seamlessly and securely exchanged across markets worldwide. TrustToken’s first product, TrueUSD, has become the most traded stablecoin fully backed by US dollars. TrustToken has since launched four additional fiat-backed stablecoins, TrueGBP, TrueAUD, TrueCAD, and TrueHKD. TrustToken products trade on some of the world’s top exchanges - Binance, Huobi, OKEx, and many others - and can be purchased or redeemed directly in the TrustToken App.

Founded in 2017, our engineering team is based in San Francisco and is made up of people coming from DoorDash, Lyft, Snapchat, and Google. We’re backed by a16z crypto, BlockTower Capital, Danhua Capital, Founders Fund Angel, GGV Capital, Jump Capital, Stanford-StartX, and others.

This is an opportunity to work on a product that has the potential to reach tens of millions of people. You will own development of major features of the TrueCoin application. This is the application used to purchase and redeem all of our currency and commodity products, and has become a major fiat-crypto onramp. It has already facilitated more than $200 million worth of transactions, and the pace is accelerating rapidly.

In this role, you'll have an opportunity to build a product used by some of the world's top crypto hedge funds, financial institutions, and traders from around the globe. You are the person building the portal between real-world assets and their tokenized forms. This app is one of the main ways consumers interact with us as a company and brand.