Application Security Engineer



United States · Remote
Posted on Thursday, May 23, 2024

About Pagoda

Pagoda is a technology services firm dedicated to developing core components for the NEAR Ecosystem. We believe that re-inventing how software is made and distributed is our greatest opportunity to open economic access to those who are not fully integrated into the global economy. Our products empower people to find opportunity, invent new experiences, and collaborate. Let's build an Open Web world. A world where people control their assets, data, and power of governance.

About The Role

Pagoda's growing security team seeks an Application Security Engineer to help us enhance the security of our cutting-edge blockchain applications. Partnering closely with our engineering and product teams, you'll play a vital role in applying your security expertise throughout the software development lifecycle.

What You’ll Be Doing

  • Work alongside engineers to integrate security best practices into design reviews, threat modeling, code reviews, and penetration testing.
  • Participate in secure code review and penetration testing efforts, honing your skills with hands-on experience under the guidance of senior team members.
  • Contribute to deep-dive security reviews of our web, mobile, and API products to ensure they adhere to secure design principles.
  • Participate in security training and share your learnings with the broader engineering team to foster a culture of security awareness.
  • Assist in incident response to gain valuable real-world experience and help protect Pagoda's systems and data.
  • Gain exposure to SAST/DAST tools (Snyk, Stackhawk), bug bounty analysis, and risk assessment, building a foundation for future growth.

What We’re Looking For

  • 5+ years of experience in application security or a related field, with a passion for learning and growing your skillset.
  • A solid understanding of security fundamentals and common vulnerabilities (e.g., XSS, CSRF, SQL Injection).
  • A knack for identifying potential risks and collaborating with engineers to find effective solutions.
  • The ability to effectively communicate security concepts to both technical and non-technical audiences.
  • A collaborative mindset and a willingness to learn from and teach others

We’d Love If You Have

  • Familiarity with one or more programming languages (Python, JavaScript, Rust) to aid in code review and vulnerability analysis.
  • An interest in blockchain technology and a desire to contribute to the security of the Web3 ecosystem.

Here’s What Our Interview Process Looks Like

Our interviews take place via Zoom and typically consists of the following stages:

  • Recruiter Call
  • Hiring Manager Call
  • 1st Round
    • Bug Bounty Interview
    • Technical Assessment with Engineering
  • Final Round
    • Meet with CTO
    • Pagoda Values Interview


The base salary range for this role is $153,000 - $170,000. This reflects the minimum and maximum range across all US locations. This does not include bonus, incentives, or benefits.

The actual base pay is dependent upon many factors, such as: leveling, relevant skills, and work location. If you are based outside of the US, there are other geographic considerations that may impact your final compensation. Your recruiter can share more about the compensation and benefits applicable to your preferred location during the hiring process.

Benefits & Perks

  • Encouraged 20 days of flexible PTO per year, plus your local holidays
  • Wellness weeks – 2 weeks of paid company-wide closures
  • 100% Paid medical, dental and vision, AD&D and life insurance for US employees, including 85% coverage for dependents, and HSA + FSA options; For non-US employees, 100% Paid private medical coverage available at the highest tiered plan
  • Access to licensed therapists and mental health resources through Spill, 100% confidential and paid by Pagoda; plus $75 monthly reimbursement for wellness
  • Generous parental leave options; All employees have access to $10,000 in fertility assistance through Carrot
  • For US employees, 401(k) retirement plan available (no match)
  • Annual company retreats and team offsites (2023 was in Spain; 2022 in Portugal)
  • $2,000 Continued Education Reimbursement
  • $2,000 Home Office Reimbursement
  • Co-working Space Reimbursement

Our Values at Pagoda

Our values express our company culture. Learn more on our careers page.

Pagoda is an Equal Employment Opportunity (EEO) employer and welcomes all qualified applicants. Applicants will receive fair and impartial consideration without regard to race, sex, color, religion, national origin, age, disability, veteran status, genetic data, or other legally protected status.

Global Data Privacy Notice for Job Candidates and Applicants

Information collected and processed as part of your Pagoda Careers profile, and any job applications you choose to submit is subject to our Privacy Policy. By submitting your application, you are agreeing to our use and processing of your data as required.