Vietnam
Full time
On-site
Security
Sky Mavis is building the future of gaming. We’re the creators of Axie Infinity, the most successful Web3 game ever, and Ronin, a purpose-built blockchain that ranked as the 4th most-used chain in 2024, behind Ethereum, Bitcoin, and Solana.
We’ve processed over $4.3 billion in on-chain volume and are backed by more than $170 million from top-tier investors, including a16z, Accel, Libertus Capital, and Paradigm.
Our team moves fast, builds with intention, and believes in a world where players truly own what they earn. If you’re excited by open economies, massive scale, and shaping new digital frontiers, join us.
The Security team drives Web2 and Web3 security for all of Sky Mavis games and digital assets, including the Ronin blockchain network, Ronin wallet, and more. With experience spanning many blockchain startups as well as recognized companies (Coinbase, Circle, JP Morgan Chase, Microsoft, Amazon, etc), the security team is building strong security policies and SDLC processes internally.
The Web2 Security Engineer is responsible for product security developed by the engineering team. This individual will be embedded with the product engineering team to drive security best practices and ensure the safety of the product(s). The security engineer will perform threat modeling, running scanning tools, audit the code base, work closely with engineering to resolve security vulnerabilities, and ensure a secure product launch. The product the security engineer will be embedded in will change, but the responsibilities remain the same: secure Sky Mavis product launches.
Sky Mavis is fast adopting GenAI solutions to 100x our engineers. The security engineer will have the opportunity to learn and leverage AI to enhance and automate their workstream to improve our security best practices. This role is based in Ho Chi Minh City, Vietnam.
Security assessments: Perform internal and external assessments of products (games, wallet, etc) to ensure the highest level of security before launch, including conducting threat modeling, tabletop exercises, and code reviews. Put on your white hat and go hunt for security vulnerabilities.
Monitoring: Ensure the product generates logs that can be continuously monitored.
Incident response: Maintain and update a runbook of procedures for handling and escalating security incidents. Participate in the incident response process to address and resolve application security incidents.
Evaluate new technology: Identify and evaluate new security technologies/tooling to adopt internally to continuously improve Sky Mavis’ security best practices.
Drive impact: Identify security gaps and drive positive change to improve Sky Mavis’ security posture.
Cross-functional collaboration: Collaborate with the engineering team to identify security gaps in product architecture. Works well with others and is highly responsive.
Education: Bachelor’s or master’s degree in computer science or related field.
Experience: 2+ years in software engineering. Audited products/solutions.
Programming Languages: Strong knowledge of Go/Rust/JavaScript/React.
Skills/Knowledge: Hands-on expertise in application security. Can audit Web/Mobile code. Familiarity with static and dynamic analysis tools (vulnerability scanners).
Attitude: Bias for action, driven to learn, top talent.
Strong communicator and active listener: Clear communication (English) and capable of building trust across diverse teams.
Problem-Solving: Strong analytical and problem-solving skills to identify and resolve security issues.
Bonus: Gamer, active crypto user, does hackathons on weekends.
Nice to Have:
Python scripting.
Experience using LLMs.
Other similar jobs that might interest you
