Staff/Senior Security Engineer - DeFi

Who We Are and What We are Doing: Ethena Labs is actively building and deploying a suite of groundbreaking digital dollar products aiming to upgrade money into the internet era. Our flagship product, USDe, is a synthetic dollar backed by digital assets, and takes the novel approach of using a delta-neutral hedged basis strategy to maintain its peg. This product scaled from zero to $15b in 18 months. Expanding on this, iUSDe is designed specifically for traditional financial institutions, incorporating necessary compliance features to enable them to access the crypto-native rewards our protocol generates, in an institutional-friendly manner. Ethena has also developed USDtb: a fiat backed GENIUS compliant stablecoin in partnership with BlackRock which has scaled to ~$2b. These products are also offered in a whitelabel stablecoin offering where any application, chain, wallet or exchange can launch their own stablecoin on Ethena's back-end infrastructure. Through these offerings, Ethena Labs is not just creating new financial products; we are building the foundational infrastructure for a more open, efficient, and interconnected global financial system. Open job offerings will be focused on two new major product lines coming to market in the next few months. Join us!! The Role
We're hiring a Staff/Senior Security Engineer to lead our signing and treasury security program across wallets and custodian accounts. This is a high-impact, mission-critical role at the core of our business. Operating within the security department, you will partner closely with our core DeFi and trading teams to provide an objective security perspective while engineering safe, streamlined operational workflows. Your mission is to own the verification layer between operator intent and signature: independently confirming destination addresses, approvals, and calldata against on-chain truth, never just what a UI displays. The work bridges complex on-chain security with daily operations, securing defensible audit trails, robust infrastructure, and controls built to scale with Ethena's growth.

What You’ll Do

• Own the end-to-end design of our signing regime, including signer composition, thresholds, and intent communication, and continue evolving our pre-signature verification workflows for destination, calldata, and state-change confirmation.

• Manage, maintain and continuously upgrade canonical address and contract allowlist system and infra that manages it, ensuring every whitelisting or approval action is checked against this list pre-signature, requiring documented review for any additions.

• Operate and tighten real-time monitoring across wallets, custodians, and DeFi positions, keep it integrated with our SOC 2 incident-response workflows, and contribute to playbooks for evolving risk scenarios.

• Run independent technical reviews of new protocol integrations and keep our risk register current as positions and dependencies evolve.

• Continuously verify ERC-20 approval hygiene across the treasury, and partner with Finance on automated reconciliation between on-chain activity and accounting systems.

• Own the process of producing the documentation of controls, tooling, and decisions that our auditors, underwriters, and institutional counterparties expect.

What We’re Looking For

• Mastery of Solidity and the EVM; you can read arbitrary contracts and raw calldata without assistance. You are fluent in tools such as Tenderly, Foundry-based simulation, and trace analysis.

• Deep practical experience with Gnosis Safe, Coinbase Prime, Anchorage, and Fireblocks. Strong understanding of the operational failure modes inherent in browser-based custodian extensions and hardware wallet signing flows.

• Strong practitioner-level knowledge of DeFi protocols like Aave, Morpho, and Stargate. You understand risk parameters, oracle structures, and bridge message-passing mechanics.

• A security-first mindset that assumes a hostile environment by default. You possess a "vigilance disposition" - you are energized by rigorous verification and are committed to maintaining safety standards even when facing operational pressure.

• Proven ability to explain technical risks to non-technical stakeholders (COO team, executives, auditors). You are a self-starter comfortable owning infrastructure end-to-end and producing high-quality, audit-grade documentation.