What is the Filecoin Foundation The (FF) is an independent organization that facilitates governance of the Filecoin network, funds critical development projects, supports the growth of the Filecoin ecosystem, and advocates for Filecoin and the decentralized web
In 2017, the creators of Filecoin envisioned that an independent Filecoin Foundation would serve as the long-term governance body for the Filecoin Ecosystem
They gave the Foundation the mandate to “grow an open ecosystem for decentralized storage” and to “give developers an open and sustainable platform to build, enhance and monetize those services
” They wanted the Foundation to be modeled on Foundations for other open source projects like the Apache Software Foundation, the Mozilla Foundation and the Linux Foundation
The Filecoin Foundation operates independently of Protocol Labs, the organization that designed and built the Filecoin network
As a member of our early-stage team, you will have the opportunity to help define our growth as the organization scales
This is a full-time, remote position
Job Description As Technical Program Manager for Security at the Filecoin Foundation, you will be a key part in ensuring the security of the Filecoin Ecosystem by identifying and evaluating risks and vulnerabilities across the network
You will take on the program management for security for Filecoin ecosystem development, helping to grow and lead the FF security team
You will become deeply embedded in the broader Filecoin community, identifying areas for improvement and proactively developing initiatives and programs to improve the network
Some of these programs already exist (such as the Filecoin Bug Bounty and Security Audit Programs); others you will develop as you identify the need and opportunity
This role involves leading the security team within Filecoin Foundation and coordinating closely with the Ecosystem & EngRes Working Groups’ security initiatives, making communication and the ability to build trusting relationships critical
If you are passionate about cybersecurity and a more decentralized internet, we want to talk to you!
Responsibilities
- Manage security audits with external vendors to assess vulnerabilities
- Build relationships with key stakeholders in the Filecoin Ecosystem and advocate for the needs of the community in order to drive continuous security improvements
- Effectively track, manage, and report on security-related requests and projects
- Triage response to vulnerability information and be an escalation path for security issues, concerns, and inquiries
- Work with internal and external partners to design programs and initiatives to mitigate security risks and increase security hardening throughout the Filecoin network
- Manage security programs, including bug bounty and emergency response, for Filecoin; oversee the team that runs these programs
- Coordinate with security researchers and Filecoin protocol implementation teams to ensure the future security of the network
- Structure and execute threat-simulation, security education, attack vector prevention, and best practice documentation
Your Profile
- Experience working with security teams or security researchers, including leading a security team whose members have varied expertise
- Infosec experience, developing and enforcing org policies around permissioning, incident response, data avoidance/retention policies, etc
- Deep experience with distributed networks and network security, working with infrastructure teams to assess their needs
- Expertise hiring and interacting with auditors, pentesters, and experts outside your organization
- Deep experience collaborating closely with software engineers, from design to development to production support and developer education
- Ability to think strategically, seeing the big picture while also executing on the operations of the program
- A firm grasp on open-source software development and an understanding of the challenges that these projects face
- Tactful communication and discretion about sensitive issues
- Strong organizational and problem solving skills and attention to detail
- Ability to balance time-sensitive priorities
- Ability to build trusting relationships with multiple stakeholders
- Ability to work independently with minimal oversight
- Familiarity and experience working with the Open Source community and bug bounties
- Passion for the decentralized web and information access