Polygon Labs

blockchain payments

Senior Application Security Engineer

LATAM FULL TIME Remote Friendly

The Brief

“Senior Application Security Engineer at Polygon Labs. Skills: Application Security, Smart contract security, AI workflow depth, Full-stack security fluency. Own end-to-end security reviews across smart contracts (Solidity), backend services (Go, TypeScript, Python), and frontend surfaces, producing written findings at the quality level of a top external audit firm, published and used as the internal standard”

Industry & Context.

blockchain payments

Problems you'll solve

reasons about changes in context; separate signal from noise; push back where a fix addresses symptoms rather than root cause

What They're Looking For.

Must Have

  • Full-stack security fluency across multiple languages; Solidity, Go, TypeScript, and Python are the surfaces that matter most here
  • Smart contract security as a core competency: production experience auditing or building secure Solidity, deep familiarity with EVM internals, common DeFi protocol patterns, the historical record of smart contract exploits
  • Proven AI workflow depth, not just tool usage: built custom prompt chains, CI integrations, and task-specific plugins (using tools like Claude Code and Codex) for security work specifically; can speak clearly about where AI accelerates and where human judgment is irreplaceable
  • Experience making security decisions under real time pressure in a Web3 environment
  • A public portfolio that demonstrates your security thinking: audit reports, bug bounty writeups, research posts, or open-source tooling

Nice to Have

  • Experience running or contributing to a structured bug bounty program (triage, researcher communication, severity calibration)
  • Direct exposure to payments protocols, stablecoin infrastructure, or regulated fintech environments
  • Prior work building security tooling that other engineers actually use, not just internal scripts, but something with adoption

What You'll Do.

  • Own end-to-end security reviews across smart contracts (Solidity), backend services (Go, TypeScript, Python), and frontend surfaces, producing written findings at the quality level of a top external audit firm, published and used as the internal standard
  • Build and ship an agentic security CI/CD pipeline: agent-driven review that runs autonomously against every PR and release candidate, reasons about changes in context, and gets smarter with each deployment
  • Design and maintain specialised AI-powered code reviewers tuned to specific vulnerability classes and surfaces, Solidity-aware, protocol-aware, and calibrated to the actual patterns Polygon's products surface
  • Triage and manage the bug bounty program: read incoming submissions daily, reproduce valid findings, separate signal from noise, and route confirmed issues to engineering with enough context to fix them correctly, using custom AI workflows to maintain rigor at volume
  • Follow through on remediation: review proposed fixes, close out resolved findings, and push back where a fix addresses symptoms rather than root cause
  • Embed across engineering teams at all stages (sprint planning, design review, feature freeze, post-launch) as a working partner, not a sign-off function
  • Lead the team's AI security practice by example: build custom prompt chains, Claude Code workflows, and Codex integrations tailored to specific security tasks, then demo and share them so the whole team's baseline rises

How You'll Work.

Team & Collaboration

Work across every engineering team at every stage of development, from sprint planning to post-ship remediation; embed across engineering teams at all stages (sprint planning, design review, feature freeze, post-launch) as a working partner, not a sign-off function

Communication Scope

Producing written findings at the quality level of a top external audit firm; can speak clearly about where AI accelerates and where human judgment is irreplaceable

Full Job Description

ABOUT POLYGON LABS

Polygon Labs is a global blockchain payments company building and operating infrastructure to move money instantly, reliably, and at internet scale, with the mission to move all money onchain. It is building the Polygon Open Money Stack, an open and integrated stack of services and technologies to instantly and reliably move money anywhere, and put it to work. Its infrastructure has facilitated trillions of dollars in onchain value transfer and supported millions of transactions daily for some of the globe's largest banks, fintechs, enterprises, and consumer applications.

YOUR ROLE

Polygon's Application Security team sits at the intersection of every product we ship. With a growing engineering org, an active bug bounty program fielding 30+ open submissions at any given time, and products going live across smart contracts, backend services, and infrastructure simultaneously, the team needs more depth, not a gatekeeper, a builder. You will report directly to the Application Security Lead and work across every engineering team at every stage of development, from sprint planning to post-ship remediation. Your job is to make security scale faster than the attack surface grows.

YOUR RESPONSIBILITIES

- Own end-to-end security reviews across smart contracts (Solidity), backend services (Go, TypeScript, Python), and frontend surfaces, producing written findings at the quality level of a top external audit firm, published and used as the internal standard
- Build and ship an agentic security CI/CD pipeline: agent-driven review that runs autonomously against every PR and release candidate, reasons about changes in context, and gets smarter with each deployment
- Design and maintain specialised AI-powered code reviewers tuned to specific vulnerability classes and surfaces, Solidity-aware, protocol-aware, and calibrated to the actual patterns Polygon's products surface
- Triage and manage the bug bounty program: read incoming submissions daily, reproduce valid


How to Apply on Ashby

  • Ashby is a fast modern ATS — most applications take under 3 minutes.
  • The resume parser is strong; verify parsed experience dates and job titles.
  • Custom screening questions are often scored algorithmically — answer completely.
  • Location field affects geo-based screening; use your actual metro area.
