Security Engineer

Join to apply for the Security Engineer role at LEDN . About Ledn LEDN is a global financial services company that delivers digital asset lending, savings, and trading products across more than 150 countries. We believe that digital assets can democratize access to the global economy and are building products and services that enable that vision. Our core values are act with integrity, own it, have a passion for progress, and lead with empathy. Opportunity We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role drives tactical improvements and long‑term strategy for securing our applications and authentication systems across JavaScript/TypeScript services, AWS serverless stack, MongoDB, Kubernetes microservices, and more. Responsibilities Application Security: Lead secure design and code reviews across engineering teams; define and enforce secure coding practices; automate vulnerability detection (SAST, SCA, DAST); conduct threat modeling; partner with engineers to remediate vulnerabilities. Authentication & Identity: Own the roadmap for authentication and identity across customer and internal applications; enhance Cognito-based identity architecture with phishing‑resistant MFA solutions (WebAuthn, passkeys, hardware tokens); define secure session management and device trust approaches. Confidential Computing (AWS Nitro Enclaves): Design enclave‑based architectures; integrate Nitro Enclaves with KMS and secure APIs; migrate high‑value operations into enclave environments; ensure compliance, auditability, and resilience. Additional Security Domains: Harden AWS services with least‑privilege IAM and secure key management; improve Kubernetes security posture; deploy and operate a SIEM framework with detection rules and incident playbooks; support SOC 2, ISO 27001 compliance initiatives. Qualifications 10+ years of proven experience in Application Security focused on web and cloud‑native applications. Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10). Expertise with AWS security best practices, especially for serverless architectures. Hands‑on experience with AWS Nitro Enclaves for confidential computing. Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2). Practical experience with Cognito/Auth0 (MFA, custom flows, secure session handling). Background in SIEM design and log correlation across cloud and application layers. Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning). Experience with Secure Code Review and software supply chain security. Strong communication and collaboration skills; able to influence engineering and product teams. Nice to Haves Familiarity with Bitcoin custody and key management practices. Knowledge of Infrastructure as Code security (Terraform, AWS CDK). Prior work on user‑facing security features such as passwordless authentication and device trust. Culture Fit Adaptable, resilient, and comfortable navigating ambiguity in a fast‑paced, high‑growth environment. Builder’s mindset, excited to create, iterate, and scale security practices. Collaborative partner who influences across functions and cultures with empathy and clarity. Demonstrates integrity and accountability, especially around confidential information and diverse legal contexts. Has worked in a remote environment and can manage a remote first organization. Benefits Competitive PTO package and flexible work arrangements; remote work allowed up to 180 days per year. Ownership in the company through equity and crypto‑asset incentives. Growth opportunities in a leading digital‑asset company. Comprehensive total rewards package, including remote benefits and health coverage. LEDN is an equal‑opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Accommodation requests can be submitted confidentially throughout the recruitment process. #J-18808-Ljbffr