# Information Security Engineer, Product

**Company:** [Aptos](https://hotfix.jobs/companies/aptos)
**Location:** Remote
**Role:** Security Engineering
**Experience:** 3+ years
**Skills:** Rust, C, Fuzzing, Static Analysis, Movevm, Evm, Wasm, Llvm, Move, Penetration Testing, Code Audits, Bug Bounty, Vulnerability Research
**Posted:** 2026-05-07

> Product Security Engineer analyzes security issues through design reviews, code audits, and penetration tests, builds security tools and mitigations, provides guidance to engineers, and triages bug bounty reports. Requires 3+ years in vulnerability research, Rust/C experience, and automated security tooling.

## Job Description

## Responsibilities
- Analyze and assess novel and recurring security issues via design reviews, code audits, and penetration tests.
- Design and build security tools, and develop mitigations, frameworks, and hardening strategies tailored for vulnerability prevention and detection.
- Review and develop secure operational practices, and provide security guidance for engineers.
- Respond to and triage reports from bug bounty programs.

## Minimum Qualifications
- B.S. or M.S. in Computer Science, a related technical field, or equivalent experience.
- 3+ years of experience in vulnerability research and exploitation.
- Experience with native development practices and common vulnerability patterns (e.g., **Rust**, **C**, etc.)
- Experience with automated security analysis tooling and frameworks (**fuzzing**, **static analysis**, etc.)

## Preferred Qualifications
- Contributions to the security community (public research, blogging, talks in relevant conferences, etc.)
- Experience with virtual machines or complex runtime environments, such as **MoveVM** (extra bonus), **EVM**, **WASM**, or **LLVM**-based runtimes, including their security models, sandboxing, and execution isolation.
- Familiarity with smart contract programming languages (extra bonus for **Move**), security tools, and frameworks, including formal verification.

## Benefits
- 100% insurance premium coverage for medical, dental, and vision for you and your dependents (US Employees)
- Equipment of your choice
- Flexible vacation time, 11 holidays, and floating company days off
- Competitive Salary
- Protocol Token Grants
- 401k matching (US Employees)
- Fun and inclusive in-person and digital events

## Similar roles

- [Security Program Manager](https://hotfix.jobs/jobs/e7f7fcaf-1979-4194-9131-83689809fe47) - Forus - New York, NY
- [Safeguards Enforcement Analyst, Account Takeover & Credential Abuse](https://hotfix.jobs/jobs/31f5d0ec-9b31-4419-a4b1-2e826ec7a358) - Anthropic - San Francisco, CA - $245k – $285k/yr
- [Application Security Engineer](https://hotfix.jobs/jobs/d240253e-6098-4419-8f04-aaf793f42c03) - Zocdoc - Remote - $100k – $140k/yr
- [Detection & Mitigation Engineer](https://hotfix.jobs/jobs/61def9c4-f4a5-41a5-99c6-579a61033a73) - Cloudflare
- [Security & Compliance Operations Manager](https://hotfix.jobs/jobs/90ac6643-526f-4aeb-bb4f-d71bc1af1fcd) - Mintlify - San Francisco, CA - $120k – $180k/yr

**Apply:** https://hotfix.jobs/jobs/f82741f3-c2fb-4af3-93d5-aca75fed0a7a
**Canonical:** https://hotfix.jobs/jobs/f82741f3-c2fb-4af3-93d5-aca75fed0a7a