Senior Application Security Engineer – Web 3

We are looking for a versatile Senior Application Security Engineer – Web 3 to join the team to continue to mature the application security practices at BitGo. This exciting opportunity empowers you to ensure vulnerabilities are prevented, or detected as early as possible. You get the opportunity to make a real and meaningful difference. We want you to focus on quality over noise. Automation over manual work. Your work would take place during regular business hours working with the local team. From time to time evening meetings will be necessary.

Responsibilities:

• Build and secure scalable backend APIs, libraries, and services for custody, staking, and tokenization
• Perform architectural reviews and threat modeling across full-stack systems
• Implement and maintain static/dynamic analysis pipelines for Web3 apps
• Review smart contracts and dApp integrations (frontend, backend, Web3 layers)
• Write and deploy security tooling (e.g., Slither, Foundry fuzzers, Semgrep, CodeQL)
• Partner with product and DevOps teams to integrate security throughout the SDLC
• Monitor evolving blockchain attack vectors (MEV, oracle abuse, signature replay, etc.)
• Drive the remediation of security issues and contribute to postmortems and mitigations

Skills & Experience:

We are looking for teammates who share and practice our values: open communication, transparency, taking ownership, and a high level of craftsmanship. We are looking for coworkers who share our vision and mission: deliver trust in digital assets.

Required:

• 5+ years in backend engineering, application security, or product security
• Proficiency in TypeScript/Node.js, Python, SQL, and React
• Experience building secure APIs, services, or distributed systems
• Familiarity with authentication/signature schemes (OAuth2, HMAC, EIP-712)
• Strong security fundamentals — from vulnerability triage to defense-in-depth
• Git-based workflows, CI/CD, code reviews, and test automation

Preferred:

• 2+ years securing or building Web3 apps, dApps, or DeFi platforms
• Solidity experience or familiarity with smart contract testing frameworks (Hardhat, Foundry)
• Knowledge of ERC standards, upgradable proxies, MPC wallets, and governance
• Experience with bug bounty platforms (Immunefi, Hackenproof, Code4rena, etc.)
• Contributions to open-source security or audit tools

Why Join BitGo?

Disrupting an industry takes vision, innovation, passion, technical chops, drive to deliver, collaboration, and execution. Join a team of great people who strive for excellence and personify our corporate values of open communication, collaboration, accountability, craftsmanship, and a client first approach. We are looking for new colleagues who bring innovative ways of thinking and problem solving, and who want to be part of the team that changes the world’s financial markets.

Here are some of the benefits of working at BitGo:

• Competitive salary
• IT equipment support for work
• Meal & Commute allowance
• Medical Insurance
• Attractive Well-being allowance (comprises of medical, wellness and fitness aspects)
• Snacks: on-the-house in the Bangalore office
• Great/Talented workforce to learn and grow with

Note: This role requires working onsite (Monday to Friday) at the Bangalore office.

Cryptocurrencies are the most disruptive change the financial services industry has seen in years. Join us and you’ll be able to look back and say you were part of the team that transformed finance.