fun.xyz

Compensation

Full Description

Location: Midtown, New York, NY (In-person Mon–Thurs, with Optional Remote Fridays ) Team: Engineering – Security & Infrastructure Company Description At Fun.xyz, we believe a tokenized future is a beneficial inevitability, granting financial emancipation to everyone with an internet connection. For a blockchain-first global economy to exist, value exchange must become intuitive, secure, and seamless. Enter Checkout - the highest converting payment solution in web3. By integrating Checkout, dApps enable users to complete any on-chain action using crypto from a wallet, centralized exchange, or on-ramped fiat from a card or bank account. With access to market-leading routing and their asset portfolio at the point of sale, users are faster, stickier, and more engaged. For dApps, Checkout scales their user acquisition potential without launching new chains or integrating multiple third party providers. We built Checkout because we envision a world where anyone, anywhere, can purchase anything with any asset. If that sounds like a vision you can get behind, we want to hear from you. About the Role We're looking for our first dedicated security hire to own and implement our comprehensive security strategy. This high-impact role reports to the CTO with significant opportunity to build our security foundation and grow into broader leadership as we scale. You will ensure we maintain robust security postures across application security, corporate security, detection & response, IT infrastructure, and smart contract security. This role is perfect for a crypto-native security leader who thrives on building programs from scratch and can navigate the unique challenges of Web3 infrastructure. Responsibilities • Own and implement Fun's comprehensive security strategy across all domains - application security, corporate security, IT, smart contract security, and detection & response • Lead smart contract security initiatives including managing auditor relationships, coordinating audits, and working with engineers to remediate any findings • Build and maintain secure development lifecycle practices, including code reviews, vulnerability assessments, and penetration testing • Lead security incident response efforts, conduct post-mortems, and contribute to general team incident response • Oversee bug bounty programs and manage responsible disclosure processes • Establish security awareness training and champion security culture across the organization Requirements • 5+ years in security with experience across multiple security domains • Exposure to smart contract security and audit processes • Exceptional communicator who can articulate security risks and tradeoffs to engineers, clients, and executives • Builder mindset and strong execution skills • Ability to balance security requirements with business velocity in fast-paced environments Nice To Have • Previously worked at crypto startup or Web3 infrastructure company • Experience securing payment systems or financial infrastructure • Background with SOC2, PCI-DSS, or other compliance frameworks • Track record building security programs at high-growth startups • Auditor or security researcher experience Location and Work Environment This role is primarily in-person at our headquarters in Midtown, New York, NY. We collaborate together in-office Monday through Thursday, with optionally remote Fridays. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.