Staff KMS Security Engineer (Security) at Phantom

Company Overview

Phantom builds a self-custodial crypto wallet used by millions to manage accounts and tokens across Solana, Bitcoin, Ethereum, and Polygon. Security is central to the product, and the team is focused on delivering a secure, easy to use wallet experience at scale.

Role Summary

Staff KMS Security Engineer will own critical security infrastructure and services related to key management for wallet infrastructure. You will perform security assessments, identify and mitigate vulnerabilities, lead cross-team projects, and help embed security throughout the software development lifecycle.

Responsibilities

• Own critical key management infrastructure and services that secure wallet operations.
• Perform regular security assessments of projects, infrastructure, and code, using manual testing and automated tooling.
• Identify, exploit, and mitigate security vulnerabilities in code, systems, and networks, producing proof of concepts as needed.
• Threat model services and integrate threat intelligence into secure design and remediation plans.
• Work with development teams to implement secure coding practices and ensure the integrity of cryptographic functions.
• Write clear technical reports, present findings to engineering and management, and drive remediation efforts to closure.
• Participate in incident response and incident management activities when required.
• Lead large cross-team security projects and mentor teams on security best practices.

Qualifications

• 7+ years of experience in offensive security, application security, or security engineering, with strong focus on cryptography and blockchain security preferred.
• Experience building or operating Key Management Services, including familiarity with HSMs and trust computing primitives.
• Practical knowledge of TEEs such as AWS Nitro Enclaves or Intel SGX, and experience integrating them into secure systems.
• Strong capability in application security for web and mobile platforms, including code review in JavaScript and TypeScript.
• Experience producing proof of concept exploits and validating patches and mitigation code for correctness.
• Excellent analytical and problem-solving skills, with strong verbal and written communication abilities.
• Hands-on experience working as a security engineer at crypto or blockchain companies is highly desirable.

Nice to Have

• Experience developing key management solutions and working with HSM vendors.
• Familiarity with blockchain-specific security challenges and operational practices.

Benefits and Compensation

Phantom offers a competitive base salary and equity participation. The target base salary range for this role is $250,000 to $285,000 plus equity and benefits. Benefits include comprehensive medical, dental, and vision insurance with generous company contributions, a stipend for remote setup, flexible hours, unlimited vacation, a 401(k) retirement plan, monthly wellness benefits, weekly meal benefits, and global off-sites.

Why Work with Us

Join a team of experienced builders shaping the future of multi-chain wallet experiences. You will play a central role securing the product as Phantom scales to millions of users and expanding the security posture across platform, client, and infrastructure layers.

How to Apply

Apply via the job posting URL. This site is protected by reCAPTCHA and Google Privacy Policy and Terms of Service apply.