Skip to content
Aptos

Information Security Engineer, Product

Product Security Engineer analyzes security issues through design reviews, code audits, and penetration tests, builds security tools and mitigations, provides guidance to engineers, and triages bug bounty reports. Requires 3+ years in vulnerability research, Rust/C experience, and automated security tooling.

United StatesSecurity EngineeringRemote3+ YOE
Apply

About the role

Responsibilities

  • Analyze and assess novel and recurring security issues via design reviews, code audits, and penetration tests.
  • Design and build security tools, and develop mitigations, frameworks, and hardening strategies tailored for vulnerability prevention and detection.
  • Review and develop secure operational practices, and provide security guidance for engineers.
  • Respond to and triage reports from bug bounty programs.

Minimum Qualifications

  • B.S. or M.S. in Computer Science, a related technical field, or equivalent experience.
  • 3+ years of experience in vulnerability research and exploitation.
  • Experience with native development practices and common vulnerability patterns (e.g., Rust, C, etc.)
  • Experience with automated security analysis tooling and frameworks (fuzzing, static analysis, etc.)

Preferred Qualifications

  • Contributions to the security community (public research, blogging, talks in relevant conferences, etc.)
  • Experience with virtual machines or complex runtime environments, such as MoveVM (extra bonus), EVM, WASM, or LLVM-based runtimes, including their security models, sandboxing, and execution isolation.
  • Familiarity with smart contract programming languages (extra bonus for Move), security tools, and frameworks, including formal verification.

Benefits

  • 100% insurance premium coverage for medical, dental, and vision for you and your dependents (US Employees)
  • Equipment of your choice
  • Flexible vacation time, 11 holidays, and floating company days off
  • Competitive Salary
  • Protocol Token Grants
  • 401k matching (US Employees)
  • Fun and inclusive in-person and digital events

Skills

RustCFuzzingStatic AnalysisMovevmEvmWasmLlvmMovePenetration TestingCode AuditsBug BountyVulnerability Research

Similar roles

Security Engineering jobs
Vercel

Product Security Engineer

Product Security Engineer driving threat modeling, secure code review, open-source security, SDLC tooling, and bug bounty management for Vercel's web platform built on Next.js and Node.js. Requires 5+ years securing web products with strong JavaScript/Node.js and cloud security expertise.

United StatesSecurity EngineeringRemote5+ YOESASTDAST
AKASA

IT Security Operations Engineer

IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.

150k – 190kSan Francisco, CASecurity EngineeringHybrid4+ YOEGoDlp
Novig

Security Engineer

Build and maintain security automation pipelines, AI agents, SOAR/SIEM integrations, vulnerability management, and IAM systems for a sports prediction market platform.

150k – 200kNew York, NYSecurity EngineeringOn-site5+ YOECdkIAM
Metropolis

Security Engineer II

Security Engineer II responsible for monitoring security alerts, responding to incidents, administering enterprise security tools, and supporting cloud and identity security initiatives. Requires 3+ years in cybersecurity or related fields with strong scripting and troubleshooting skills.

105k – 150kLos Angeles, CASecurity EngineeringOn-site3+ YOEAWSmacOS
Metropolis

Security Engineer II

Security Engineer II responsible for monitoring and responding to security alerts, administering enterprise security tools, supporting vulnerability and IAM programs, and securing cloud environments. Requires 3+ years in cybersecurity or related fields and scripting experience.

115k – 160kNew York, NYSecurity EngineeringOn-site3+ YOEAWSmacOS