We are an engineering-led development agency that partners with early-stage startups to launch their engineering efforts and supports mid-stage companies in building new, greenfield software products. We stay at the forefront of modern technology, take pride in delivering high-quality work, and set ourselves apart through measurable results. You’ll thrive here if you’re passionate about technology, enjoy getting things done, love learning, and are motivated by solving challenging problems. You’ll also feel at home if you value freedom. We trust our team’s autonomy and don’t enforce rigid schedules or working styles. Meetings are rare, and we prioritize asynchronous communication. When meetings are necessary, we batch them to protect long, uninterrupted focus time. If you have a public portfolio of work—such as technical talks, publications, or open-source contributions—we’d love to see it. Candidates with visible work will be prioritized in the interview process.

About the Role

We’re looking for a mid-level Security Engineer to join the Dusk Labs engineering team, with a focus on security research and building reliable automated security testing systems across our fintech and cryptography projects. This role blends hands-on security analysis with systems engineering, ideal for someone who enjoys uncovering vulnerabilities and building tooling to continuously validate security posture.

You’ll work across a wide range of systems—from transport-layer protocols implementing post-quantum cryptography to financial platforms handling sensitive transactions—conducting in-depth security research and developing comprehensive automated testing frameworks to support a security-first engineering culture.

You’ll be part of a high-performing team of experienced engineers who are passionate about learning and tackling complex, meaningful problems.

Responsibilities

• Perform security research and vulnerability assessments across fintech and cryptographic systems.
•  Design and implement automated security testing infrastructure using Rust and shell scripting.
•  Build and maintain security test suites, including fuzzing, automated penetration testing, and cryptographic protocol testing.
•  Develop monitoring and alerting systems to surface security anomalies and potential attack vectors.
•  Conduct threat modeling and security reviews of system architecture and code across multiple projects.
•  Stay current on emerging attack techniques, vulnerabilities, and defensive strategies relevant to financial and cryptographic systems.
•  Create tools and frameworks for continuous security validation within CI/CD pipelines.
•  Document security findings and convert research outcomes into clear, actionable recommendations for engineers.
•  Maintain and improve existing security testing tools and infrastructure.

Required Qualifications

• Strong software engineering fundamentals with two to four years of relevant experience.
•  Hands-on experience with Rust, or the ability and willingness to ramp up quickly.
•  Comfort working with TypeScript and modern web technologies.
•  Strong experience with Linux environments and shell scripting.
•  Background in security testing practices, including static analysis, dynamic analysis, and penetration testing.
•  Understanding of cryptographic principles and secure coding practices.
•  Experience building automated testing systems or CI/CD pipelines.
•  Familiarity with security tools and frameworks such as SAST, DAST, and fuzzing tools.
•  Experience with network protocol analysis and traffic inspection tools.
•  Strong analytical thinking, attention to detail, and problem-solving skills.

Preferred Qualifications

• Experience conducting security research or discovering vulnerabilities.
•  Background in cryptographic protocol analysis or implementation.
•  Experience auditing DeFi or blockchain-based protocols.
•  Familiarity with containerization and orchestration technologies such as Docker and Kubernetes.
•  Experience with reverse engineering tools and binary analysis.
•  Knowledge of security compliance frameworks and industry standards.
•  Background in incident response or malware analysis.
•  Experience with cloud security and infrastructure-as-code practices.
•  Contributions to open-source security tools or research initiatives.

About Dusk Labs

Dusk Labs is an engineering-driven development agency that helps early-stage companies establish strong engineering foundations and supports mid-stage organizations in building new, greenfield products. We stay at the cutting edge of technology, focus on delivering high-quality outcomes, and differentiate ourselves through the impact of our work.

Our culture values autonomy, deep focus, and thoughtful collaboration. We minimize meetings, favor asynchronous communication, and create space for engineers to do meaningful, uninterrupted work. If you have a visible body of work—open-source contributions, research, or technical content—we strongly encourage you to share it as part of your application.