Job Description
Role Overview
We are hiring a Security Architect to design and own security across our entire ecosystem spanning:
- On-chain programs (Solana)
- Backend infrastructure (APIs, AWS, databases)
- Wallet + transaction flows
- Economic and incentive systems
This is a foundational role, working directly with founders and engineering teams to ensure all products are secure by design before development begins.
Role & responsibilities
- 1. Security Architecture (Primary Responsibility)
  - Design end-to-end security architecture for each product before development
  - Define trust boundaries, attack surfaces, and threat models
  - Review all system architecture (backend + on-chain + APIs)
- 2. Threat Modeling & Risk Analysis
  - Conduct structured threat modeling (STRIDE or equivalent)
  - Identify risks across:
    - Smart contracts (Solana programs)
    - APIs and backend systems
    - Wallet interactions and signing flows
  - Maintain living threat models as products evolve
- 3. Smart Contract Security (Solana-Focused)
  - Define secure design patterns for:
    - PDA authority management
    - Upgradeability vs immutability
    - Access control & permissions
  - Review program logic before and during development
  - Work closely with Rust engineers on secure implementation
- 4. Key Management & Access Control
  - Design secure systems for:
    - Multisig (e.g., Squads)
    - Treasury management
    - Admin privileges
  - Define hot vs cold wallet policies
  - Ensure secure handling of signing flows and relayers
- 5. Infrastructure & Backend Security
  - Architect security for:
    - APIs (rate limiting, auth, abuse prevention)
    - AWS/cloud environments
    - RPC integrations (Helius, Triton, etc.)
  - Define best practices for:
    - Secrets management
    - Database security
    - CI/CD pipelines
- 6. Economic & Protocol Security (Critical)
  - Identify and mitigate:
    - MEV / front-running risks
    - Liquidity manipulation
    - Wash trading / incentive abuse
    - Oracle manipulation
  - Work with product team to ensure incentives are attack-resistant
- 7. Audit & External Security Management
  - Lead coordination with external security firms
  - Review audit reports and ensure proper fixes
  - Validate remediation before deployment
- 8. Security Standards & Internal Framework
  - Develop and maintain: Kind Security Standard (KSS)
  - Create reusable security frameworks across:
    - KindSwap
    - Wallet
    - Prediction markets
    - APIs
- 9. Incident Preparedness
  - Design:
    - Emergency controls (pause, circuit breakers)
    - Incident response processes
  - Define monitoring and alerting strategy
Required Experience
- Must Have (Non-Negotiable)
  - 3-8+ years in security architecture / application security / DevSecOps
  - Experience with Web3 / blockchain security (Solana or Ethereum)
  - Strong understanding of:
    - Smart contract vulnerabilities
    - Key management systems
    - API and backend security
  - Experience in threat modeling and system design
- Strongly Preferred
  - Experience with Solana (Rust, Anchor, PDAs)
  - Worked on:
    - DeFi protocols
    - DEX / AMM / aggregators
    - Trading or financial systems