This job post is closed and the position is probably filled. Please do not apply. Work for Worldcoin and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 403 9 months ago
\nAbout the Company:\n\nWorldcoin (www.worldcoin.org) is an open-source protocol, supported by a global community of developers, individuals, economists and technologists committed to expanding participation in, and access to, the global economy. Its community is united around core beliefs in the inherent worth and equality of every individual, the right to personal privacy, and open and public collaboration. These beliefs are reflected in what the community is building: a public utility to connect everyone to the global economy.\n\nThe Worldcoin Foundation (www.worldcoin.foundation) is the protocolโs steward and will support and grow the Worldcoin community until it becomes self-sufficient. Tools for Humanity (www.toolsforhumanity.com) is a global hardware and software development company. It helped launch Worldcoin and continues to provide support to the Foundation, in addition to operating the World App.\nThis opportunity would be with Tools for Humanity.\nAbout the Orb\n\nWorldcoin's launch requires a "Proof-of-Personhood": a way to determine someone is human (not a bot) and hasn't already claimed their free share of Worldcoin. This is why we developed the Orb.\n\nThe Orb is an advanced biometric imaging device, custom-designed for Worldcoin's launch. Orbs are deployed to a global network of operators, who use the device to onboard new Worldcoin users. During this onboarding, the Orb will generate a hash of each user's iris and submit it to Worldcoin's trustless backend (built on Ethereum). For more details on how the Orb is part of Worldcoin's privacy-preserving approach to Proof-of-Personhood, see How the Launch Works.\n\nThe Orb solves a fierce combination of engineering and UX challenges, centered around image quality, security, and ease-of-use. Each device has an advanced iris imaging system, designed to work consistently across real-world lighting conditions. An additional suite of sensors feeds into an onboard fraud detection system, enabling use in unsecured environments. These systems are combined in a sleek industrial design with a simple, minimalist user interface.\nAbout the Team\n\nFor Worldcoin to launch successfully on a global scale, we need to both ensure fairness and build trust with our users. Therefore, it is essential to prevent fraud, protect privacy, and ensure availability.\n\nBeyond regular company security the goal of security at Worldcoin is to deploy an edge device to unsecured environments. We consider a wide range of threats that span tampering with the device, spoofing the device as well as backend attacks. The cross-disciplinary nature of this team requires interfacing with various other teams across the company including Economics, AI, Backend and Orb Software. We are a small security team and you will have a huge impact!\nAbout the Opportunity\n\nYou will:\n\n\nPerform security-focused code reviews and own the vulnerability management process\n\nSupport and consult with Worldcoin teams in the area of application security, including threat modeling and security reviews\n\nGrow and develop the secure application design process\n\nAssist teams in reproducing, triaging, and addressing application security vulnerabilities discovered by internal tools and our bug bounty program.\n\nGrow and develop the bug bounty program.\n\nAssist in development of security processes and automated tooling that prevent classes of security issues.\n\n\n\nAbout You\n\n\n* 6+ years of technical experience with at least 3 years of experience leading efforts in ApplicationSecurity.\n\n* Experience in Programming languages such as Python, Go, and Rust\n\n* Experience with Application Security Testing Tools such as SAST, DAST, IAST or SCA. \n\n* Familiarity with OWASP Top 10 and other Secure Development Life Cycle practices.\n\n* Familiarity with AWS architecture/ecosystem.\n\n* Familiarity with API security\n\n* Code review experience\n\n* Container security experience\n\n* Experience automating services/tools\n\n* \nExperience leading threat modeling sessions with developers\n\n \n\n\n\n\n\nNice to have: \n\n\n* Application security architect and design experience\n\n* Experience as a Security Champion \n\n* Experience with Kubernetes and AWS EKS\n\n* Familiarity with how containers work and how to secure containers.\n\n* One or more of the following AWS certifications: AWS Certified Solutions Architect, AWS Certified Security - Specialty, AWS Certified Developer\n\n* One or more of the following certifications: CISSP, GWAPT, GPEN, CEH, CSSLP, and Sec+.\n\n\n\n\n \n\nPay transparency statement (for CA and NY based roles): \n\nThe reasonably estimated salary for this role at TFH ranges from $236,000 - $323,000, plus a competitive long term incentive package. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, TFH offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, vision, 401(k) plan and match, life insurance, flexible time off, commuter benefits, professional development stipend and much more!\n\n \n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to Design, Testing, API, Senior, Engineer, Backend and Digital Nomad jobs that are similar:\n\n
$60,000 — $110,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐
We hire old (and young)\n\n
\n\n#Location\nWorldwide