Senior Software Engineer, Developer Platform
Aktuelle Original-Stellenanzeige
Quelle: StudySmarter Stellenbestand · Status: aktiv · Bewerbung über das zentrale StudySmarter-Formular.
Die ganze Ausschreibung von P2P
Automatisch strukturiert · Originaltext unformatiert geliefert
Das ist der Job
This is security‑critical infrastructure, externally audited, with a high review bar.
Darum lohnt es sich
Overview The Developer Platform team builds KMS, the key‑management and signing service behind ZeroDev’s embedded wallets (smart‑account / account‑abstraction wallets that app developers drop into their products).
You will own backend services and the cryptographic recovery and trust‑model machinery around them on a small, high‑ownership team, and help grow the platform from interactive consumer wallets toward programmatic and automated signing and programmable transaction policy.
It is non‑custodial: end users control their keys, and the service orchestrates secure creation, authentication, and signing on top of a third‑party signing provider. Responsibilities Go backend services that broker wallet creation, authentication, and signing at scale.
Key recovery and the committee trust model: distributed key generation and secret sharing that keep the service non‑custodial, with recovery authority split across independent committees so no single party ever holds a user’s key.
Trusted Execution Environments: reconstructing and operating on key material under hardware isolation and remote attestation.
Authentication and signing‑provider integration: the user‑facing auth methods that gate signing (passkeys / WebAuthn, OAuth, OTP, sessions, 2FA), and integrating with a third‑party signing provider (authorization and policy flows, scoped credentials, quorum / consensus approvals).
Security review and hardening: writing design docs and decision records, working directly with external security auditors, and turning a high review bar into shipped code.
Production operations on Kubernetes: observability and alerting, secrets and certificate management, on‑call, and the compliance controls the domain requires (sanctions screening, PII‑safe handling).
Requirements A strong backend engineer who has shipped and operated production services in Go (or an adjacent systems language and is eager to go deep in Go) Security‑first by default: you reason about threat models, blast radius, and key custody as a habit, and you write code that holds up to security‑critical review Comfortable with applied‑cryptography fundamentals (public‑key crypto, signatures, key management).
You do not need to be a cryptographer, but you can reason about it and learn fast Solid on distributed systems and API design: idempotency, failure modes, and clean service boundaries Operationally mature: Kubernetes, observability, and incident response are not foreign to you Clear written communicator (design docs, decision records) who thrives in a collaborative, review‑heavy culture Nice‑to‑have TEE experience (AWS Nitro Enclaves, Intel SGX / TDX, or similar): attestation, enclave key handling, reproducible enclave builds Threshold cryptography / MPC in practice: DKG, FROST or other threshold signatures, verifiable secret sharing, resharing Account abstraction: ERC‑4337, EIP‑7702, smart‑account or embedded / non‑custodial wallet experience Built on or integrated a custody / signing provider (Turnkey, Fireblocks, or similar), or built one HSM / YubiKey / PIV / secure‑element integration Been on the receiving end of a third‑party security audit and driven the remediation WebAuthn / passkeys, OAuth / OIDC, and the Go crypto ecosystem #J-18808-Ljbffr
Bereit?
Bewerbung wird direkt an P2P uebergeben - kein Konto noetig.
Aktuell die einzige offene Stelle bei P2P.
Neue Stellen kommen monatlich dazu — schau gerne später noch mal rein.