Phantom is the modern money app used by tens of millions around the world. The role involves owning and evolving the core authentication infrastructure that secures every Phantom account, leading the design, implementation, and operation of security measures such as multi-factor authentication and key-management services.
Responsibilities:
- Authentication systems
  - Architect and ship production-grade improvements to Phantom’s Auth stack (e.g. secure enclaves, hardened token flows, threat modeling)
- Passkey (WebAuthn) & MFA
- Secrets management
  - Design and build systems using modern secrets management technologies to push security and functionality to the next level
- APIs & Integration
  - Define and maintain stable, versioned auth APIs for downstream teams
  - Partner with cross-functional stakeholders to ensure seamless rollouts
Requirements:
- 7+ Years of Backend Experience: Demonstrated success in building large-scale, high-availability systems in Node.js, TypeScript, Rust, NestJS (or similar frameworks)
- Deep expertise in authentication protocols (OAuth2/OIDC, WebAuthn/Passkeys, OTP) and a strong background in key management services (e.g. AWS KMS, Vault) and cryptography
- Strong System Design & Architecture Skills: Ability to translate product requirements into scalable, maintainable solutions, with a keen eye for performance trade-offs and fault tolerance
- Leadership & Communication: Experience mentoring engineers, leading technical initiatives, and collaborating effectively with cross-functional teams
- Web3/Crypto Knowledge: Familiarity with on-chain data, wallet integrations, or decentralized application patterns is strongly preferred