Mysten Labs

blockchain technologies

SecurityEngineer

$140–190k United States FULL TIME Remote Friendly

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Mid candidates.

The Brief

“Security Engineer at Mysten Labs. Skills: operational security, software security, custody systems, signing path hardening, anti-scam and anti-abuse tooling, code and design reviews, security issue investigation and response. Maintain and improve the custody systems that hold validator keys, operational keys, and important objects for Mysten-run smart contracts and general on-chain operations, including key generation, storage, access controls, signing workflows, aggregation, rotation, and recov”

What You'll Achieve.

accelerate the adoption of decentralized protocols; own the operational and software security of the Sui blockchain, wallet, Move language, and other Mysten systems; navigate the challenges of running world class infrastructure; detecting phishing sites, malicious dApps, drainer contracts, and other threats that target Sui users; drive concrete fixes that prevent the same class of issue from recurring

Industry & Context.

blockchain technologies

Problems you'll solve

diving into unfamiliar codebases; shipping the fix yourself rather than handing it off; investigation and response for security issues and incidents; drive concrete fixes that prevent the same class of issue from recurring

Eligibility Requirements

Employment is contingent upon the successful completion of a background check, which may include verification of employment history, education credentials, criminal history, and other relevant information.

What They're Looking For.

Must Have

3+ years of hands-on experience in security engineering, application security, or product security, Knowledge relevant to key management in production, for example HSMs, cloud KMS, MPC or threshold-signature systems, hardware wallets, or comparable custody infrastructure, Proficiency in one or more of: Rust, TypeScript, Python, or Move, and experience reviewing and writing security-sensitive code, Solid understanding of applied cryptography fundamentals and the common ways cryptographic systems are misused in practice

Nice to Have

Interest in the web3 space, prior experience shipping in crypto, fintech, or other regulated/high-stakes environments is a plus

What You'll Do.

Maintain and improve the custody systems that hold validator keys

and important objects for Mysten-run smart contracts and general on-chain operations

including key generation

and recovery procedures

Harden the signing path end-to-end: review and improve the code

and operational practices around how transactions are authorized

and submitted on-chain

Build and improve anti-scam and anti-abuse tooling for the Sui ecosystem

detecting phishing sites

and other threats that target Sui users

and partnering with wallet ecosystem teams on mitigations

Conduct code and design reviews of components that interact with sensitive keys or handle on-chain assets

with a focus on cryptographic correctness

and operational safety

Participate in investigation and response for security issues and incidents that touch custody or ecosystem abuse

and drive concrete fixes that prevent the same class of issue from recurring

How You'll Work.

Team & Collaboration

support and work closely with the engineers working on the sensitive components of these systems; partnering with wallet ecosystem teams on mitigations; explain a finding or an issue clearly to the engineer who needs to fix it and to a non-technical stakeholder who needs to understand the risk

Communication Scope

written and verbal communication; explain a finding or an issue clearly to the engineer who needs to fix it and to a non-technical stakeholder who needs to understand the risk

Full Job Description

Mysten Labs believes that decentralized and open protocols are the bedrock of the internet of value. This is why at Mysten Labs, we are creating foundational infrastructure to accelerate the adoption of decentralized protocols based on blockchain technologies. OVERVIEW Security engineers own the operational and software security of the Sui blockchain, wallet, Move language, and other Mysten systems. Security engineers support and work closely with the engineers working on the sensitive components of these systems. In addition, they are the key points of contact for audit engagements and bug bounty reports. We are hiring security engineers now as we expand the ecosystem and production services. We have a strong team in protocol security, but we need experts in operational and software security who can help us navigate the challenges of running world class infrastructure. Responsibilities - Maintain and improve the custody systems that hold validator keys, operational keys, and important objects for Mysten-run smart contracts and general on-chain operations, including key generation, storage, access controls, signing workflows, aggregation, rotation, and recovery procedures - Harden the signing path end-to-end: review and improve the code, infrastructure, and operational practices around how transactions are authorized, reviewed, and submitted on-chain - Build and improve anti-scam and anti-abuse tooling for the Sui ecosystem, detecting phishing sites, malicious dApps, drainer contracts, and other threats that target Sui users, and partnering with wallet ecosystem teams on mitigations. - Conduct code and design reviews of components that interact with sensitive keys or handle on-chain assets, with a focus on cryptographic correctness, access control, and operational safety - Participate in investigation and response for security issues and incidents that touch custody or ecosystem abuse, and drive concrete fixes that prevent the same class of issue from recurring Pref

Free ATS check

Applying for this Security Engineer role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 46 detected · ranked by frequency

operational security ×3

software security ×3

security engineering ×3

application security ×3

product security ×3

key generation ×3

storage ×3

access controls ×3

signing workflows ×3

aggregation ×3

rotation ×3

recovery procedures ×3

transaction authorization ×3

review ×3

submission on-chain ×3

anti-scam tooling ×3

anti-abuse tooling ×3

detecting phishing sites ×3

malicious dApps ×3

drainer contracts ×3

cryptographic correctness ×3

operational safety ×3

investigation and response for security issues and incidents ×3

driving concrete fixes ×3

custody systems ×2

signing path hardening ×2

anti-scam and anti-abuse tooling ×2

code and design reviews ×2

security issue investigation and response ×2

HSMs ×2

cloud KMS ×2

hardware wallets ×2

BEHAVIOURAL

builder mentalitycomfortable operating with ambiguitydiving into unfamiliar codebasesshipping the fix yourself rather than handing it off

Role Details

Experience 3–5 yrs

Level Mid

Work Mode Remote

Type FULL TIME

Category security

Salary Band 100k-150k

AI-Extracted Insights

Domain Areas

sui-blockchainwalletmove-languagedecentralized-protocolsblockchain-technologiescustody-systemson-chain-operationssmart-contracts

How to Apply on Ashby

Ashby is a fast modern ATS — most applications take under 3 minutes.
The resume parser is strong; verify parsed experience dates and job titles.
Custom screening questions are often scored algorithmically — answer completely.
Location field affects geo-based screening; use your actual metro area.

ANONYMOUS · UNFILTERED

What do employees actually say about Mysten Labs?

Real rants from real employees. Read before you apply.

Read Company Rants →