Senior Security Engineer

NYC

Full Time Senior-level / Expert USD 200K+

Category Labs

Posted 2 days ago

Category Labs (formerly known as Monad Labs) is a team of systems engineers and researchers on a mission to design and build at the frontier of decentralized technology. We strive to design and build step-function improvements over existing blockchain solutions. After recently raising $225M in series A funding, led by Paradigm, we are growing our team.

The Role

We are building the fastest EVM-compatible blockchain, and are looking for a Senior or Staff Security Engineer to lead security across endpoints, infrastructure, and applications. This is a high-impact role with ownership over security architecture, tooling, and incident response. You’ll work directly with engineers and DevOps to drive secure development and deployment practices from the ground up. Crypto/blockchain experience is a plus—not a requirement.

What You Will Do

Define security baselines for endpoints; manage MDM/EDR and enforce compliance. Roll-out and maintain hardened configurations for Mac/Linux devices. Ensure fleet-wide visibility and policy adherence.
Serve as the application security lead: threat modeling, design reviews, vulnerability assessments. Partner with engineers early in the lifecycle to identify risks and build secure-by-default systems.
Build secure libraries, CI/CD security pipelines, and tooling used across engineering. Automate enforcement of security controls and provide frameworks that reduce friction for dev teams.
Guide infrastructure hardening: firewall/IDS design, incident response playbooks, threat detection. Define secure defaults across cloud and bare metal, and develop response protocols for high-severity events.
Set up real-time observability and alerting for security-relevant events. Leverage logs, telemetry, and anomaly detection to surface emerging threats and system misbehavior.
Own vulnerability management, risk triage, and interface with auditors. Track issues end-to-end—from discovery to remediation—and ensure readiness for audits and assessments.
Lead internal security reviews, drive secure SDLC practices, and champion a security-first culture. Build repeatable processes around secure code delivery and foster awareness across engineering.

Who You Are

10+ years experience in securing large scale distributed systems
Experience in assessing the security posture of systems/services
Experience with secure code review, penetration testing, and common security tools
Strong engineering background and programming experience (Python, Golang, Rust, Bash, etc.)
Strong communication skills and ability to work with remote teams
Bachelor's or Master's degree in a relevant field, e.g. Computer Science, Information Systems/Technology, Cybersecurity, or equivalent practical experience

Why Work with Us

Challenging problems. You’ll work on extremely challenging problems with massive impact.
Huge opportunity. The Ethereum Virtual Machine (EVM) standard is ubiquitous, but existing EVM-compatible chains are very slow. Monad’s core innovations offer developers the best of both worlds (portability and performance) and are a game-changer for mass user adoption in crypto.
The right team. You’ll be part of a small, exceptional team (engineers and researchers make up 90% of the team).
Culture. We’re a lean team working together to achieve very ambitious goals. We are united in our culture of collaboration, low ego, and high-quality output. As an early member of our team, you’ll help to shape our culture.
Compensation. You’ll receive a competitive salary and equity package.
Resources and growth. We’re well-capitalized, with backing from leading venture funds like Paradigm, Electric Capital, Greenoaks, Dragonfly, and Coinbase Ventures. We keep a lean team, and this is a rare opportunity to join. You’ll learn a lot and grow as our company scales.

Salary and benefits

Minimum full-time salary of $200,000. (**This is not a guarantee of compensation or salary; a final offer amount may vary based on factors including but not limited to experience, domain expertise, and geographic location.)