About Magic Labs

If you’re excited about working on the forefront of chain abstraction, user experience, and elevated design, we'd love for you to join our team.

Magic pioneered wallet abstraction in 2018, onboarding over 35 million wallets and 190,000 developers. We helped to create invisible wallet experiences for web3 trailblazers like Polymarket, Helium, WalletConnect, and Immutable, as well as Fortune 500 brands like Forbes, Naver, and Mattel. We've raised over $80 million from notable investors, including PayPal Ventures, Lightspeed, Placeholder, SV Angel, Naval Ravikant, and Balaji Srinivasan.

Today, Magic operates at the forefront of blockchain innovation, providing cutting-edge infrastructure and developer tooling to everyone building on-chain. Our mission is to abstract away all technical complexity, empowering developers to create accessible end-user experiences. We believe every internet user should have access to apps and experiences on-chain without the headache of traditional self-custody wallets—and the hassle of navigating siloed blockchain networks.

After setting the standard for wallet abstraction, Magic is on a mission to pioneer the next phase of abstraction: chain abstraction. With so many L1s, L2s, and L3s entering the space in addition to new VMs, it’s never been more crucial to solve identity and liquidity fragmentation that spans across chains—this is how we’ll achieve true interoperability and seamless user experiences. Magic is building a unified, cross-chain network that will maximize efficiency and accessibility for developers and users alike.

The Role

Magic's security team is critical – it is responsible for safeguarding Magic’s tools and products. We are looking for a Senior Security Engineer to play a pivotal role in expanding our security program. The Senior Security Engineer will work on some of the most challenging and high-visibility risks the company faces. You will identify and mitigate security risks in our product and infrastructure, conduct security assessments, and assist with investigations. The ideal candidate will be an innovative self-starter, motivated by our mission and results-driven, and able to extract, assimilate, and correlate a wide variety of data to surface and disrupt threat actors across multiple spaces.

This is a fully remote position for US and Canada-based candidates. Unfortunately, we are unable to sponsor or take over sponsorship (ex., H-1B transfer) of employment visas at this time, and applicants must be authorized to work for any employer in the US or Canada.

You will:

• Contribute to securing our SDLC, including secure coding practices, CI/CD pipelines, and regression tests.
• Lead and grow our vulnerability management program across our cloud infrastructure (AWS) and endpoint machines (macOS).
• Collaborate with Engineering teams to harden our frontend and backend systems (Next.js, TypeScript, AWS, Python).
• Foster your extensive experience securing a cloud microservices platform like Kubernetes, including ingress/egress and container communication.
• Manage our external bug bounty program and technically contribute to mitigations.
• Support compliance standards like NIST, ISO 27001, SOC 2 Type 2, and GDPR.
• Build a security mindset across the organization by providing security guidance and best practices.
• Take a holistic approach towards security, ensuring coverage from code quality up and out to our edge services including Cloudflare and Vercel.
• Participate in 24/7 on-call and security incidents, acting as Incident Manager.

You have:

• 6+ years of security engineering or software security experience in frontend or backend environments.
• Experience with programming and scripting languages such as Python, Golang, or TypeScript.
• Excellent Incident Management skills to navigate and lead incidents adeptly to ensure platform uptime.

Bonus points:

• Have previously built or managed a SIEM like OpenSearch or Splunk.
• Built out modular authentication flows including WebAuthn and OAuth.
• Experience with Web3 protocol or smart contract security auditing.

Why you'll love working with us:

• Remote-first culture with flexible working hours.
• Competitive salary with stock options.
• 99% company-paid medical*, dental, and vision insurance; 100% company-paid life and disability insurance.
• 401(k) plan* (US) or pension plan (CAN).
• $3,600 annual reimbursement for remote work, wellness, and professional development.
• Flexible time off.
• Up to 12 weeks of paid parental leave.
• Family planning and reproductive health benefits, including up to $5,000 reimbursement, through Maven*.

*Benefits available to US employees only. Canada healthcare coverage differs.

Salary

$170,000-$210,000/year.

At Magic, we believe building a team full of diverse perspectives and experiences is vital to success. Therefore, we strongly encourage anyone historically underrepresented in tech to apply for this role. Magic does not discriminate based on gender, sexual orientation, race, religion, citizenship status, age, or physical ability. Empathy, authenticity, and inclusivity are at the core of all we do.

US Candidates: Magic Labs, Inc. participates in E-Verify to confirm the identity and employment eligibility of all new US hires.