Security Engineer at Jito.Wtf
You're a software engineer with about five years of professional experience, who has transitioned into product security and is comfortable building custom testi
Work type: remote
Location: USA
Salary: $175,000 – $195,000/yr
Type: Full-time
Summary
You're a software engineer with about five years of professional experience, who has transitioned into product security and is comfortable building custom testing frameworks and AI security tooling. A Bachelor's degree in Computer Science, Computer Engineering, or a related technical field is essential.
**What makes it worth a look...**
Jito.Wtf is offering USD 175,000 - 195,000 per year for this fully remote role in the USA, with above-market total compensation and multiple forms of equity. They also provide 100% employer-paid health benefits and all-expenses-paid team retreats.
**You might be a good fit if you...**
* Have experience with threat modeling, secure design review, whitebox code review, and vulnerability testing.
* Possess a solid understanding of identity and access management concepts and tooling.
* Are proficient in at least one systems or backend language like Rust, Go, or Python.
* Have a track record of building security tooling or automation from scratch.
Job Description
Jito builds the Market Layer of Solana: the execution systems, capital markets, and incentive mechanisms that power real markets on-chain.
Our products process billions in daily transaction value. The Jito-Solana validator client runs on the vast majority of Solana's active stake. BAM is redefining how blocks get built. JitoSOL is the leading liquid staking token on the network. We are not building at the margins. We are building core infrastructure that Solana's economy runs on.
Now we're moving up the stack, bringing that same infrastructure advantage to products that traders and users interact with directly.
We're around 25 people, we have product-market fit across multiple product lines and years of runway. We take hard problems seriously and move fast on them. Nothing is out of reach.
About the role:
We’re growing our security team and looking for an engineer who can own a broad operational and technical scope - someone equally at home triaging an access request, running a security review, or building a custom testing framework. This role will report directly to the Head of Security, working closely to strengthen and scale our security posture across the organization.
## Responsibilities:
- Identity and access management - provisioning, lifecycle operations, and monitoring for critical changes
- Security reviews across our product portfolio - threat modeling, code review, fuzzing, and functional testing
- Day-to-day bug bounty operations - triage, remediation tracking, and escalation of high-severity findings
- AI security research and tooling - adversarial testing frameworks for agent controls, with a focus on reusable patterns
- Software supply chain monitoring - malicious package detection beyond standard CVE scanning
- External penetration test coordination - scoping, logistics, and post-engagement remediation tracking
- Compliance documentation and evidence gathering as requirements emerge
## Who You Are:
- A software engineering background is essential - you've built production systems and that foundation shapes how you approach security
- You've since moved into product security and are fluent in the full lifecycle: threat modeling, secure design review, whitebox code review, and vulnerability testing
- Solid understanding of identity and access management concepts and tooling
- Genuine interest in AI security with the ability to build adversarial testing tooling
- A thoughtful approach to software supply chain risk beyond checkbox scanning
- Strong written communication - documentation is a real part of this job
- Comfortable with high ownership and working autonomously on a small team
## Qualifications:
- Bachelor's degree in Computer Science, Computer Engineering, or a related technical field
- 5+ years of professional experience, with a meaningful portion in software engineering before transitioning into security
- Proficiency in at least one systems or backend language (e.g. Rust preferred, Go, Python, C++) - you will be expected to write code, build tooling, and read production codebases as a routine part of this role
- Demonstrated experience in product or application security - not solely infrastructure or compliance-focused roles
- Track record of building security tooling or automation from scratch
- Experience conducting or leading security reviews on production software systems
## Nice-to-Have:
- Hands-on experience with mobile device management (MDM) platforms and endpoint policy enforcement
- Familiarity with enterprise IAM systems and SSO - configuration, integration, and audit
- Experience with privileged access management (PAM) tooling and the operational patterns around it
- Strong Linux administration skills - comfortable at the command line, understanding of kernel-level security primitives, and experience hardening Linux environments
- Experience with multisig schemes - signing policy design, quorum configuration, or key management in a production context
- Familiarity with hardware security modules (HSMs) - integration, key lifecycle management, or operational use
- Exposure to trusted execution environments (TEEs) - understanding of attestation, confidential compute, or secure enclave design
## Benefits:
- Salary based on experience
- Above-market total compensation and multiple forms of equity
- 100% employer-paid health benefits
- All-expenses-paid team retreats and conferences
About the role:We’re growing our security team and looking for an engineer who can own a broad operational and technical scope - someone equally at home triaging an access request, running a security review, or building a custom testing framework. This role will report directly to the Head of Security, working closely to strengthen and scale our security posture across the organization.
View this job on nocollar jobs