Location: Global Remote
Employment Type: Full time
Location Type: Remote
Department: Security
Our Client believes freedom drives progress and prosperity. They don't see themselves as a company, but as a team aligned around a single mission: to advance personal freedom for all (see ZK Credo).
To achieve this goal, they are building zkSync -a credibly neutral, fully open-source technology stack and network on top of Ethereum, which is owned and governed by its community. They use advanced cryptography called zero-knowledge proofs to scale Ethereum infinitely without compromising on security or decentralization. With a world-class team, a community of over 1M supporters across Twitter and Discord, and hundreds of millions of dollars in funding, They have the resources to achieve our mission.
The Role:
As a Senior Security Engineer (Infrastructure) you'll play a critical role in securing the infrastructure that powers zkSync. You'll work across cloud, application, and systems layers to build and maintain robust defences. Partnering closely with DevOps, engineering, and protocol security to embed security into everything we ship.
This role is ideal for someone who thrives in high-impact environments, enjoys solving complex technical challenges, and is motivated by the mission of protecting open-source and decentralized infrastructure.
Key Responsibilities:
Design and implement secure infrastructure; including hardening cloud environments, containers, and CI/CD pipelines.
Help build detection and monitoring systems (e.g., SIEM, alerting pipelines) to ensure early threat detection and effective incident response.
Collaborate with engineers and DevOps to identify security risks in architecture reviews, system upgrades, and deployment plans.
Contribute to the design and review of Terraform, Ansible, or similar IaC, ensuring security is embedded from the ground up.
Participate in threat modelling, internal audits, and hands-on vulnerability remediation across our stack.
Work closely with Protocol Security, DevOps, and Product Engineering to align on shared security goals and ensure coverage across the full lifecycle.
Help implement tools to detect unusual infrastructure-level activity from on-chain signals (e.g., misuse of credentials or suspicious deployment patterns).
What We're Looking For:
Hands-on experience securing cloud-native environments (e.g., AWS, GCP), Kubernetes, CI/CD pipelines, and internal systems.
Practical knowledge of threat modelling, incident response, vulnerability management, and systems architecture.
Familiarity with Infrastructure as Code (Terraform, etc.), secrets management, and security automation tooling.
A self-starter who's comfortable with ambiguity and can drive security work through delivery not just assessment.
Able to partner across teams, raise risks constructively, and translate complex security concepts to technical and non-technical stakeholders.
Familiarity with the security considerations of decentralized infrastructure and open-source ecosystems. Bonus for knowledge of Ethereum, Solidity, or ZK-related tech.
Working Environment
You have the freedom to work how you want, when you want, and from where you want. All positions are 100% remote (with optional travel to team or industry events). Our client operates in lean, high-impact teams with minimal bureaucracy and no time tracking - only results matter. You'll have everything you need to learn, grow, and be productive.
They believe anyone who shares our mission can thrive here - regardless of background, gender, or location. That's why we foster a culture of respect, autonomy, and ownership.
What We Offer