Staff Engineer — Custody Platform

About us
The Vault, an MPC-based crypto custody platform for institutional and retail customers. We run threshold signing with non-extractable key shares across HSM and Ledger hardware, support a growing surface of chains and assets, and are pushing toward post-quantum readiness and SaaS-grade scale. Series A is ahead, the 2026 productized launch is in flight, and we publish original cryptographic research alongside the product work.

About the role
We’re hiring a Staff Engineer to design, build, and ship the custody platform’s hardest backend code. This is a hands-on IC role with real technical leadership: you write production code every day, own non-trivial cross-cutting initiatives, lead through RFCs and code, and mentor senior engineers — without managing people.
You shape architectural decisions in your work area through code, RFCs, and design reviews. Platform-wide architectural ownership (technology stack, core/periphery boundary, deployment models, post-quantum migration) sits with our technical leadership — you contribute to those decisions strongly, but you don’t own them. If you want a role with the architecture-function hammer, this is not it. If you want a role where your code, your designs, and your judgment are the strongest signals in the room, it is.
We’re hiring on the bet that engineering judgment, CS fundamentals, and ownership mindset matter more than specific language fluency in an AI-assisted era. We use Claude Code, Cursor, and Codex heavily. What we need is the depth to read AI-generated code critically — to catch the subtle concurrency, consistency, or security bugs that AI doesn’t — and the ownership to drive non-trivial initiatives from idea to production reliability.
Both Staff Engineers on the team (this role and the Fullstack role) contribute across the codebase, with natural gravitation over time toward either the security-critical core (MPC library, threshold signing, HSM and Ledger integration, key lifecycle, cryptographic primitives) or the faster-moving periphery (chain and asset adapters, partner integrations, recovery and policy flows, APIs and SDKs).

What you’ll do
• Design, write, and ship critical platform components: policy engine, signing orchestration, key lifecycle workflows, recovery flows, approvals, audit trails, multi-tenant wallet and account services.
• Lead non-trivial cross-cutting initiatives in your area — through written RFCs, design reviews, and code, not through hierarchy.
• Build high-load, multi-tenant SaaS systems: tenant isolation, quotas, rate limits, backpressure, concurrency control, predictable latency under spikes.
• Distributed systems & reliability: idempotency, retries, outbox/inbox, event-driven workflows, sagas and state machines, replay, graceful degradation.
• Security-by-design: least privilege, secret handling, mTLS/JWT, tamper-evident logs, audit-ready data models — designed for SOC 2, ISO 27001, and DORA scope from day one.
• Performance & data: profiling, load testing, benchmarking, contention analysis, GC tuning; strong relational modelling (Postgres or equivalent), migrations, indexing, clear consistency boundaries.
• AI-assisted development as a core competency: ship production code with Claude Code, Cursor, and Codex; build the prompt and agent patterns that work for your area; contribute to the company’s AI engineering practices; know when to use AI heavily (periphery, integrations, tests, docs) and when not to (cryptographic core, signing paths) where blind generation is unsafe.
• Set patterns and shared libraries for the services your area touches; raise the bar through code review and example.
• Own features end-to-end: design notes / RFCs, code, tests, observability, rollout, on-call. No “throw it over the wall” handoffs.
• Mentor senior engineers: your reviews and your written designs are the strongest signal to the rest of the team.

Must-have experience
• Strong CS fundamentals — our primary screening criterion. You can reason from first principles about concurrency, distributed systems, consistency models, networking, and OS behaviour. You know not just what locks and channels do, but why and when. You understand what’s happening under the hood, not only at the API level.
• Ownership mindset. You’ve owned non-trivial production systems end-to-end — design, ship, measure, improve, on-call. You don’t wait to be told what to do, and you don’t ship code you don’t understand.
• 10+ years backend engineering, including 3+ years operating at Staff level (or equivalent senior IC scope). Strong production experience in a modern systems language — Go, Rust, Java, C++, or comparable. Hands-on Go experience, or genuine readiness to ramp on Go in the first month.
• Track record of Staff-level technical leadership through code, RFCs, and influence — without formal authority over teams. You can point to RFCs you wrote that the team adopted, initiatives you drove without being the manager, patterns you set that outlasted you.
• Proven track record building high-load, multi-tenant SaaS in production (HA, incident response, SLOs).
• Hands-on with modern backend stacks: gRPC/HTTP, queues/streams, caching, relational databases, Kafka/NATS or equivalent.
• Strong testing discipline: unit/integration/contract tests, testability-first design, deterministic CI.
• Strong observability habits: structured logging, metrics, tracing, end-to-end production debugging.
• REQUIRED: production-grade use of modern AI coding tools (Claude Code, Cursor, Codex, or comparable). You can point at what you’ve built with them. You read AI-generated code as a hostile reviewer, not a grateful recipient — you have instincts for what AI tends to get wrong, and you don’t ship code you couldn’t have written yourself.

Nice to have
• Exposure to custody, wallets, or signing systems (MPC, HSM, TEE, key management, approvals).
• Hardware wallet integration (Ledger).
• Multiple blockchain ecosystems (EVM and Bitcoin minimum; Cosmos, Solana, others a plus).
• Built custom agents, MCP integrations, or in-repo AI workflows that compounded a team’s productivity.
• Designed and run evals for AI-generated code (correctness, security, style).
• Kubernetes and service mesh in production; SRE practices.
• Regulated-environment experience (fintech, security audits, compliance-driven engineering).
• Threat modelling and security review participation.
• Familiarity with SOC 2, ISO 27001, and DORA — enough to design for them.
Soft skills
• Ownership mindset above all else: you ship, you measure, you improve.
• Leads through writing, code, and example — not through hierarchy.
• Clear written communication: design notes, RFCs, incident write-ups, trade-offs.
• Pragmatic technical leadership: raises the bar without blocking progress.
• Mentorship: helps senior engineers become faster, safer, more independent.
• Comfortable in ambiguity; aligns technical decisions with product and risk.

What this role is NOT
• A people management role.
• A pure architecture / whiteboard role. You write production code in this codebase every week, and platform-wide architectural ownership sits elsewhere.
• A research-only cryptography role. You collaborate with our Cryptography Researcher; your focus is platform engineering, not protocol design.
• Pure feature ticket execution. If you wait to be told what to do, this won’t work.
What we offer
• A Staff IC role with real technical leadership — no people management, no sprint mechanics gauntlet, no architecture-by-committee.
• An AI-forward engineering culture with budget and autonomy for the tooling, models, and agents you need.
• Direct peers in cryptography research, security architecture, product, and delivery — you’re not the only senior voice in the room.
• Fully remote, any time zone with reasonable overlap with EU/CIS hours.
• Competitive comp at the Staff engineer band; equity participation; full benefits.
• A product approaching Series A with paying institutional customers and a published cryptographic research line.

How to apply
Send a CV and a short note — ideally a link to non-trivial code or a system whose design you led. A pointer to non-trivial code you shipped with AI tooling (a repo, a write-up, a demo) is the strongest possible signal. Take-home assignments are not part of our process; we’ll have a structured technical conversation designed to probe CS fundamentals, ownership, and how you actually work with AI.