Web3 Security Researcher
About the Role
You will analyze smart contracts written in Solidity and Rust to find logic errors and security vulnerabilities. You will write formal specifications and use formal verification tools (including Certora Prover) to prove properties of low-level code. You will perform live-audits and participate in responsible disclosure for discovered bugs, produce clear technical reports and blog posts, and use testing frameworks such as Foundry and Hardhat to reproduce and validate issues. You will stay current with web3 security research, participate in CTFs and audit contests when appropriate, and communicate findings effectively to developers and stakeholders.
Requirements
- Undergraduate degree in exact science from a strong university
- Ability to quickly understand intricate programs
- Mathematical thinking
- High integrity
- Preferred: Cybersecurity or code security experience
- Preferred: Experience with EVM or SolanaVM and DeFi protocols
- Preferred: Two years of smart contract auditing or vulnerability research
- Preferred: Understanding of Rust or Solidity
- Preferred: Experience with Foundry, Hardhat or formal verification tools
- Preferred: Ability to write technical reports and blogs
- Preferred: Participation in CTFs, audit contests, or bug bounty programs
Responsibilities
- Analyze smart contracts for security vulnerabilities
- Apply formal verification to prove properties of code
- Identify and exploit bugs in DeFi code and validate issues
- Report vulnerabilities via responsible disclosure
- Write clear technical reports and blog posts
- Use testing frameworks such as Foundry and Hardhat
- Stay updated on web3 security trends and hacks
Benefits
- Flexible work arrangements (remote or hybrid)
- Equity