KGeN - Senior Applications & Web3 Security Engineer
KGEN
IT
Bengaluru, Karnataka, India
Posted on Apr 9, 2026
Description
About the Role :
We are looking for a Senior Application & Web3 Security Engineer to secure our applications and decentralized systems at scale.
This role sits at the intersection of AppSec, Web3 security, and emerging AI risks, where youll be responsible for identifying vulnerabilities, securing smart contracts, and strengthening our overall security posture across systems.
Key Responsibilities
About the Role :
We are looking for a Senior Application & Web3 Security Engineer to secure our applications and decentralized systems at scale.
This role sits at the intersection of AppSec, Web3 security, and emerging AI risks, where youll be responsible for identifying vulnerabilities, securing smart contracts, and strengthening our overall security posture across systems.
Key Responsibilities
- Conduct smart contract security reviews and audits (Solidity / Rust)
- Perform Web3 attack surface analysis across wallets, nodes, and RPC layers
- Secure APIs, backend systems, and application layers
- Implement and manage SAST / DAST tools and processes
- Drive threat modeling exercises (STRIDE, abuse cases)
- Own and enforce Secure SDLC practices across engineering teams
- Strengthen dependency and supply chain security
- Identify and mitigate AI-related risks (prompt injection, data leakage, misuse)
- Collaborate with engineering to remediate vulnerabilities and improve security posture
- 6-10+ years of experience in Application Security (AppSec)
- Hands-on experience with smart contract audits (Solidity / Rust)
- Strong understanding of Web3 ecosystems (wallets, RPCs, nodes)
- Experience with SAST, DAST, and secure coding practices
- Exposure to bug bounty programs, red teaming, or offensive security
- Strong knowledge of threat modeling and risk assessment frameworks
- Experience working in crypto / blockchain ecosystems
- Ability to operate in a fast-paced, high-ownership environment
- SAST & DAST tools (selection and implementation experience)
- Cloudflare WAF (rules tuning and optimization)
- Web3 infrastructure (RPC nodes, wallets, blockchain networks)
- CI/CD pipelines (GitHub / GitLab)
- Secrets management systems
- Splunk (security monitoring and ingestion pipelines)
- Opportunity to work on cutting-edge Web3 + AI security challenges
- High ownership in building secure, scalable systems from ground up
- Work closely with founders and core engineering teams
- Exposure to real-world attack scenarios and advanced security practices
