Security Engineer
About the Role
You will ensure the security of smart contracts, frameworks, and infrastructure by finding and fixing vulnerabilities, designing and running adversarial tests, and building analysis and fuzzing tools. You will guide audits and penetration tests, maintain dependency and SBOM practices, produce threat models and documentation, and support incident response and observability.
Requirements
- BA BS MS PhD in Computer Science Software Engineering or equivalent experience
- 6+ years of experience as a security engineer
- Familiarity with blockchain cryptography and smart contract languages and frameworks
- Experience with systems design and open source projects
- Experience with JavaScript and Go (preferred)
- Experience with Cosmos/Tendermint (preferred)
Responsibilities
- Develop static analysis and fuzzing programs
- Build custom tooling to support bug hunting and QA
- Guide penetration testing program and support security audits
- Perform adversarial testing on frameworks contracts core infrastructure and testnets
- Support vulnerability disclosure and bug bounty programs
- Guide dependency management and maintain the Software Bill of Materials
- Develop and maintain security documentation including threat models and interaction diagrams
- Partner with ecosystem stakeholders for audit readiness emergency coordination and observability
- Incorporate security into software designs and implementations
- Participate in code reviews and threat modeling with engineers
- Construct tools and testing frameworks to improve stability scalability reliability and maintainability
- Develop response playbooks and best practices
- Participate in open source development on shared resources