Product Security Engineer – DeFi

Introduction

FalconX is a pioneering team of operators, investors, and builders committed to revolutionizing institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX addresses the industry's foremost challenges: Navigating the digital asset market can be complex and fragmented, with limited products and services that support trading strategies, structures, and liquidity found in conventional financial markets. As a comprehensive solution for all digital asset strategies from start to scale, FalconX operates as the connective tissue empowering clients with seamless navigation through the ever- evolving cryptocurrency landscape.

Location

Remote / Hybrid

Role

FalconX is seeking a Product Security Engineer to focus on DeFi product and application security. You will partner with engineering and product teams to review proposed strategies, assess smart contracts for security risks, and guide secure design decisions. This role reports into the FalconX Security Team, and in addition to DeFi-focused work, you’ll contribute to broader application security initiatives such as data security, identity and access management (IAM), secure development lifecycle (SDLC), and code review practices.

Responsibilities

• Review DeFi strategies, protocol designs, and smart contracts for security risks and failure modes.
• Evaluate markets-related activities (e.g., liquidity provision, governance, cross-protocol integrations) for systemic vulnerabilities.
• Provide secure design input for new features and applications.
• Identify and mitigate threats including reentrancy, oracle manipulation, flash loan exploits, MEV, and governance exploits.
• Partner with the security team to advance application security initiatives:

+ Threat modeling and design reviews. + Data security and access control design. + Identity and access management (IAM). + SDLC improvements and developer enablement.

• Collaborate with external auditors and internal stakeholders to validate findings and track remediation.

Requirements

• 4+ years in application/product security, with strong exposure to DeFi protocols and markets.
• Expertise in smart contract security (Solidity, EVM internals, known attack classes).
• Experience with threat modeling and secure design reviews.
• Familiarity with DeFi primitives (AMMs, lending, oracles, governance, bridges).
• Understanding of cryptography, key management, and wallet security.
• Strong ability to articulate risks and proposals.