Your next career starts here.

About Us

Turnkey builds secure, developer-first infrastructure for private key management, making it simple to create wallets, sign transactions, and automate on-chain actions through one elegant API – without ever exposing sensitive key material.

Our mission is to secure the open internet by making strong cryptography and key management the default. Turnkey was founded by the team behind Coinbase Custody – the world’s largest and most secure crypto custodian – whose work has helped protect over $100B in crypto across the industry.

Turnkey's team is low-ego, high-agency, and high-autonomy with more than 100 years of combined experience in cryptography, security, and low-level systems, building reliable infrastructure used at scale.

Role Overview

We are hiring a Senior Application Security Engineer to join Turnkey's team and help ensure our systems, pipelines, and runtime environments are secure by design and resilient at scale.

You'll embed directly with product and infrastructure engineering teams, shaping how security is integrated into every aspect of our architecture. This is a hands-on, builder role ideal for someone who enjoys building secure systems from the ground up.

What You’ll Do

You will partner with Product and Engineering at both the design and development stage to ensure that we implement new features securely, including (but not limited to):

• Participating in the implementation efforts

• Doing security reviews

• Helping with product design decisions

• Auditing and surfacing vulnerabilities in our current products

• Conducting threat modeling and security assessments for new features and systems, identifying risks early and shaping secure architectural decisions.

• Developing and improving our Automated Tooling: further enhancing our automated tooling to scale our product security capabilities and find potential code problems both before and after we deploy

• Making the safe way, the easy way: work on defining and building application guardrails so that developers can build securely by default

• Investigating and remediating security issues, including vulnerabilities and incidents, and drive long-term improvements to prevent recurrence

• Embedding a culture of secure development across engineering, defining practices that influence how Turnkey builds, deploys, and maintains systems at scale.

What We're Looking For

• Bachelors degree in Computer Science, Engineering, or a related field

• 5+ years of experience in application or product security, ideally in fast-moving, high-impact or crypto-native environments

• Strong understanding of web, mobile, and cryptographic security fundamentals (e.g. OWASP Top Ten, SANS/CWE Top 25)

• Proficiency in programming and scripting languages (Typescript/Javascript, Go, Rust) and
  experience building secure systems from the code up

• Hands-on experience with security testing tools and methodologies (static/dynamic analysis, pen testing, etc.)

• Strong understanding of cloud, containerized, and runtime environments (AWS, GCP, Docker, Kubernetes), with the ability to embed security early in the SDLC

• Excellent analytical, problem-solving, and communication skills, with a collaborative mindset for partnering across product and infrastructure teams

• Curious, proactive, and passionate about building secure, reliable systems in a fast moving startup environment

• A builder mentality; comfortable operating with ambiguity, tackling incomplete systems, and applying hands-on engineering experience to security challenges.

Style Points

• Familiarity with crypto or DeFi systems and their unique security challenges

• Familiarity with threat modeling frameworks and cloud-native security tooling

What We Offer

• Full benefits, including medical, dental, vision, life, disability, HSA/FSA, 401(k) - detailed benefits overview available as we get further in the process

• Paid parental leave

• Unlimited PTO (and we will force you to take time off!)

• $3,000/yr learning and development budget to attend industry conferences

• Multiple team offsites per year

• Macbook Pro laptop

• Lunch stipend (for those physically in the New York City office)