Security Engineer

About Story

Story aims to transform the development and distribution of creative intellectual property in the digital age by facilitating collaboration and innovation. By creating an open IP repository that tracks and enhances creative works across various media forms, Story enables seamless collaboration and ensures proper recognition and provenance for creators. Just as Git revolutionized software development, Story is pioneering a new approach to IP creation, empowering creators to participate in a dynamic ecosystem of creativity and innovation.

Our team comprises seasoned professionals from diverse backgrounds in media, technology, and business, backed by renowned venture capitalists worldwide. Come join us as we shape the future of intellectual property.

About the Role

The Security Engineer position at Story is integral to maintaining the security, confidentiality, and functionality of our platform. In this role, you will be responsible for designing, implementing, and managing security protocols that safeguard our infrastructure and the sensitive data it manages. By collaborating closely with the engineering teams, you will ensure that security considerations are ingrained in every layer of our technology stack, spanning blockchain protocols, smart contracts, backend services, and cloud infrastructure.

This role offers a unique opportunity to establish and guide the security strategy at a cutting-edge blockchain company driving the evolution of intellectual property.

Responsibilities:

• Design and implement security protocols across Story's infrastructure, covering cloud services, smart contracts, APIs, and databases to ensure comprehensive protection.
• Conduct security evaluations on the platform's smart contracts, APIs, and services to identify and address vulnerabilities effectively.
• Develop and integrate security tools and procedures for ongoing monitoring, logging, and proactive threat identification and response.
• Work closely with engineering teams to uphold secure coding practices, conduct routine code reviews, and security audits for new features and updates.
• Lead incident response activities and post-incident reviews to prevent the recurrence of security issues.
• Assess third-party integrations for security risks, ensuring compliance with security standards.
• Stay informed on emerging security threats in the blockchain and web3 environment, contributing to our threat intelligence framework.
• Contribute to the enhancement of security policies and champion a security-focused culture through training and counsel.

Qualifications:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field.
• Over 5 years of experience in security engineering with emphasis on blockchain, cloud infrastructure, and web applications.
• Profound knowledge of security best practices for cloud platforms (e.g., AWS, GCP), encompassing IAM, network security, and infrastructure fortification.
• Demonstrated expertise in vulnerability identification and security assessments across code, infrastructure, and external services.
• Familiarity with security frameworks such as OWASP, NIST, and CIS.
• Strong problem-solving skills and proactive risk mitigation approach.
• Effective communication skills for conveying complex security concepts to technical and non-technical audiences.
• Enthusiasm for blockchain and web3 technologies preferred.
• Familiarity with cryptographic protocols including blockchain consensus algorithms and key management is beneficial.
• Based in the Bay Area or willing to relocate for in-office work three days a week.

This role is ideal for a security expert who excels in dynamic environments and is eager to contribute to the intersection of blockchain technology and IP innovation. Join us as we secure the future of creative collaboration!