Security Engineer



Software Engineering
United States
Posted on Tuesday, February 13, 2024
About Toku
Crypto has had tremendous growth over the last several years. That growth comes with inevitable regulation. Regulation, in our view, is a good thing because it increases adoption.
Organizations that enable this transition from the pre-regulation to post-regulation environment - the companies compliantly navigate a changing regulatory landscape, or better yet, facilitate it, will be some of the most relevant organizations of the future. Toku will be one of those companies.
Toku’s products enable crypto-native companies to compliantly compensate their teams in both fiat and tokens in over 100 teams globally. Toku’s growing list of customers includes Aragon, Astar, dYdX, Filecoin Foundation, Gitcoin, Gnosis, Hedera Hashgraph, Protocol Labs, Teller, Safe, Storyverse, and others.
Paying people with tokens is such an obvious and early real-world use case of any token, regardless of what else the token can do. All tokens can be used to compensate workers - and in fact, are! Toku ensures that all token compensation is managed legally, and proper taxes are paid. This is a critical part of the transition to a post-regulation crypto industry.
Toku raised $20 million from a consortium led by Blockchain Capital with Protocol Labs, GMJP, OrangeDAO, Orrick, Reverie, Quantstamp, Next Web Capital, and prominent angel investors including Protocol Labs founder Juan Benet and Alchemy co-founders Nikil Viswanathan and Joe Lau. Read more about Toku in Fortune, Yahoo Finance, and CoinDesk.
To learn more, check our website.
As Toku's Security Engineer, you'll be hardening one of the most sophisticated and high-throughput distributed systems in global employment and token compensation. You'll focus on designing, building, and deploying web-application security tools to protect our platform and highly sensitive data.


  • Integrate dynamic application security testing (DAST) and static application security testing (SAST) into our CI/CD pipeline
  • Discover, prioritize, and address risks on features, products, infrastructure, and acquisitions
  • Develop and execute best practices across web-application security, development, and deployment
  • Identify, triage, and mitigate vulnerabilities in real-time
  • Advocate security and data integrity compliance through partnering with and training engineers, PMs, and others


  • 2-5 years of relevant industry experience in software security or operations, with early startup experience
  • Deep understanding of web security, TLS/SSL, web authentication, and applied cryptography
  • Experience with threat models and industry standard security tooling
  • Experience with DigitalOcean
  • Self-starter attitude and the ability to execute new ideas with autonomy
  • A hustler mentality, founding a company or building side projects is a plus!
  • North America Time Zone
Toku is an equal opportunity employer, and we are committed to being a diverse team that reflects a broad range of background, thought, and experience. We do not discriminate based on race, color, religion, sex, gender identity, sexual orientation, age, national origin, status as an individual with a disability, status as protected veteran, or any other legally protected characteristics. Women, minorities, LGBTQ+, and people from underrepresented backgrounds are strongly encouraged to apply.
Please use to create a good resume before applying.