Stellar

Senior Application Security Engineer

New York | Full-time | Posted March 13, 2026

About this role

Interested in working on cutting-edge blockchain technology and creating equitable access to the global financial system? Since 2014, the mission-driven team at the Stellar Development Foundation (SDF) has helped fuel the tremendous growth of the Stellar blockchain network, an open-source platform that operates at high scale today. Developers and companies around the world build on it, and the SDF team is expanding to support the rapidly growing and changing Stellar ecosystem.

SDF is looking for a Senior Security Engineer to help shape and scale the security program across the Stellar ecosystem. This isn't a policy role; it’s an operational one. You will be responsible for executing the core technical work that keeps the network and its users safe: vulnerability management, bug bounty orchestration, incident response, and detection engineering.

In this role, you will:

Vulnerability Management & AppSec

  • Orchestrate Scanning: Own the end-to-end lifecycle of our security stack (Wiz/Orca, Trivy/Grype, Semgrep/CodeQL, and Socket). You’ll manage schedules, tune outputs to reduce noise, and partner with engineering to drive remediation.

  • Manual Assessments: Conduct deep-dive security reviews of SDF codebases, APIs, and infrastructure configurations on a regular cadence.

  • Supply Chain & SBOMs: Monitor dependencies for newly disclosed CVEs using Dependabot and Socket; maintain and automate our Software Bill of Materials (SBOM) workflows.

  • Third-Party Audits: Manage external audits from scoping to final report—handling info-sharing, findings intake, and public-facing remediation summaries.

Detection & Incident Response

  • Incident Leadership: Act as the lead for security incidents: managing triage, containment, forensics, and stakeholder communication through to resolution.

  • Detection Engineering: Dig through logs and investigate anomalies in the SIEM. You will write, tune, and maintain detection rules to ensure our alert library remains relevant and actionable.

  • Forensics & Hunting: Perform deep-dive forensic work (log reconstruction, lateral movement analysis) and run proactive threat-hunting exercises based on current intel.

  • Operational Readiness: Maintain IR playbooks and detection runbooks, ensuring they are updated with "hard-won" learnings after every significant event.

Ecosystem & Community

  • Bug Bounty Orchestration: Manage SDF’s programs on HackerOne and Immunefi. You’ll triage submissions, calculate CVSS scores, coordinate with engineering for validation, and manage researcher payouts.

  • Community Engagement: Represent SDF in community forums and at conferences, sharing insights derived from real operational work rather than hypotheticals.

  • Developer Enablement: Write and maintain "paved road" security guidance for Stellar and Soroban developers, including secure coding standards and threat model templates.

You are:

  • The 10-Year Veteran: You have a decade of experience across SecOps, AppSec, or Detection Engineering, with a proven track record of owning high-volume security programs.

  • The SIEM Expert: You are proficient in writing complex detection logic and managing alert fatigue in platforms like Splunk, Elastic, or Chronicle.

  • The Battle-Tested Responder: You’ve led high-pressure incidents through the entire lifecycle, from initial "bump in the night" to the final post-mortem.

  • Cloud Native: You are comfortable auditing AWS environments (IAM, VPC, Logging) using tools like Prowler, Steampipe, or Cloud-native APIs.

  • Tech Stack Proficient: You have hands-on experience with the modern security stack: Wiz, Semgrep, CodeQL, tfsec, and osquery.

  • Communication Pro: You can translate a complex exploit into a clear risk assessment for leadership and a "how-to-fix" guide for engineers.

Bonus points if you have:

  • Experience with the Stellar protocol, XDR, Horizon API, or the Soroban (Rust/WASM) smart contract ecosystem.

  • Deep knowledge of eBPF-based runtime detection (Falco/Cilium).

  • Experience in Formal Verification or advanced smart contract auditing.

  • Active contributions to open-source security projects or published research.

We offer competitive pay with a base salary range for this position of $140,000 - $170,000 depending on job-related knowledge, skills, experience, and location. In addition, we offer lumen-denominated grants along with the following perks and benefits:

USA Benefits/Perks:

  • Competitive health, dental & vision coverage with most plans covered at 100% for the employee + any dependents

  • Flexible time off + 15 company holidays including a company-wide holiday break

  • Up to 12 weeks of paid parental leave for both non-birthing and birthing parents, as well as up to 14 weeks of paid pregnancy leave for birthing parents

  • Gym reimbursement ($80 per month)

  • Life & ADD (up to $50K)

  • Short & Long term disability

  • 401K with 4% match

  • Health & Dependent Care FSA Accounts

  • Commuter benefits with $250/month employer contribution

  • Health Savings Account (HSA) with monthly employer contribution

  • Family building benefits through Kindbody

  • Wellbeing benefits (One Medical, Rightway, Headspace)

  • L&D budget of $1,500/year

  • Daily lunch and snacks in office

  • Company retreats


Job Overview

Employment Type: Full-time
Seniority Level: Senior
Location: New York

About the Company

Stellar

Open-source Layer 1 network for payments, DeFi, and asset tokenization.
