Senior Application Security Engineer

Role Overview

Uniswap Labs is a core contributor to the Uniswap Protocol, the world’s largest DEX, with over $4 trillion in volume across 17 chains. It builds products that help millions access the protocol, including the Uniswap Web App, Wallet, and Trading API. Uniswap Labs is also the primary technical provider for Unichain, a DeFi-native Ethereum Layer 2 built to be the home for liquidity across chains.

We’re looking for a Senior Application Security Engineer to help shape the security of Uniswap’s products and infrastructure. You’ll play a leading role in protecting one of the most widely used protocols in DeFi and will work across teams to embed security into everything we build, mentor other engineers, and strengthen our overall security posture.

What You’ll Do

• Partner with engineering and product teams to design and build secure systems across web, mobile, and backend environments.
• Lead threat modeling, code reviews, and vulnerability assessments to identify and mitigate risks early in the SDLC.
• Define and evolve secure development practices, including tooling, automation, and developer education.
• Investigate and respond to application security incidents, drive root cause analysis, and implement long-term preventive measures.
• Evaluate new security technologies and approaches to continuously raise the bar for application and protocol security.
• Mentor engineers and foster a culture of security awareness and shared responsibility.

What You Bring

• Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field.
• 5+ years of experience in application security or related fields, ideally with experience in fast-moving or high-impact environments.
• Strong understanding of web, mobile, and cryptographic security fundamentals (e.g. OWASP Top Ten, SANS/CWE Top 25).
• Hands-on experience with security testing tools and methodologies (static/dynamic analysis, pen testing, etc.).
• Proficiency in programming and scripting languages (Java, Javascript, Python preferred).
• Experience with cloud and containerized environments (AWS, GCP, Docker, Kubernetes).
• Excellent communication skills and the ability to influence and collaborate across teams.

Nice to Haves

• Familiarity with crypto or DeFi systems and their unique security challenges.
• Experience with DevSecOps practices and automation.
• Knowledge of IAM and authentication standards (OAuth, SAML) or compliance frameworks (GDPR, PCI-DSS).
• Relevant certifications (CISSP, OSCP, CSSLP).
• Love for unicorns 🦄

Compensation & Benefits

The minimum full-time salary for this Senior Application Security Engineer role is $230,000 - $255,000. Full Time employees at Uniswap Labs are also eligible for other compensation elements, including tokens, and comprehensive benefits. Uniswap Labs' Full-Time employee benefits include company-paid medical, dental, & vision for you and your dependents, wellness offerings including a partnership with Equinox Fitness Clubs, 401(k) with 4% employer contribution, annual $1,500 education stipend, unlimited and encouraged time off, up to 16 weeks paid parental leave, home office setup stipend for remote employees and daily lunches at NY headquarters (all benefits are subject to applicable taxes and based on eligibility).

Diversity & Inclusion

Uniswap Labs is committed to diversity in our workforce and is proud to be an Equal Opportunity Employer (EEO). We provide employment opportunities without regard to age, race, color, ancestry, national origin, religion, disability, sex, gender identity or expression, sexual orientation, veteran status, military status, domestic violence victim status, reproductive health decision making or any other protected category. Uniswap Labs also participates in E-Verify.

Key skills/competency

• Application Security
• Threat Modeling
• Code Review
• Vulnerability Assessment
• Incident Response
• Secure SDLC
• DevSecOps
• Cloud Security
• Cryptography
• Python, Java, Javascript