FreeHire

CertiK

Senior Security Engineer

Show

You will work with external blockchain developers to audit codes and secure products including smart contracts, protocols and apps. You will establish and enforce security policies, manage vulnerabilities, respond to incidents and write analysis reports. You will monitor security breaches and defend systems from cyberattacks. You will conduct penetration tests on web and mobile apps (Android and iOS), and perform external and internal network security assessments. You will review source code and security design, conduct threat modeling, and provide guidance to software development teams. You will contribute to internal security tools and create new ones to improve security services. You will use static and dynamic analyses to identify flaws or vulnerabilities in smart contracts and propose recommendations. You will assess sandbox, VM, network, and core distributed-system code, identify vulnerabilities, and build PoC exploits. You will conduct security research, publish findings in technical blog posts and speak at conferences/tech talks/X Spaces, showcasing your expertise.

Responsibilities

  • Work with external blockchain developers to audit codes & secure products (smart contracts, protocols & apps/Dapps).
  • Establish/enforce security policies, manage security vulnerabilities, respond to incidents and write analysis reports.
  • Monitor security breaches, defend systems from cyberattacks & provide technical consulting services in cybersecurity.
  • Conduct penetration tests on web/mobile (Android & iOS) & client application, perform external/internal network security assessment.
  • Review source code/security design, conduct threat modeling & provide guidance to software development teams.
  • Contribute to internal security tools & create new ones for improving security services with best engineering practices.
  • Use static/dynamic analyses to identify flaws or vulnerabilities in smart contracts & propose recommendations.
  • Assess sandbox/VM/network/core distributed-system code, identify vulnerabilities & build PoC exploits.
  • Conduct security research, publish findings in technical blog posts & speak at conferences/tech talks/X Spaces, showcasing technical expertise/insights.

Requirements

  • Master's degree in Security Informatics/Cybersecurity or a related field.
  • In-depth knowledge of Solidity/smart contract security/cryptography/blockchain technology.
  • Technical expertise in Web3 security, threat/vulnerability management, penetration testing & security review for programs written in Java/JavaScript/Python/C/C++/PHP/Go.
  • Familiar with cloud platforms such as AWS/Azure/GCP & proficient in Python/JavaScript.

Benefits

  • Medical, vision, and dental insurance
  • 401(k) plan with company matching
  • Life and accidental death and dismemberment insurance
  • Health Savings Account (HSA) with a high deductible plan
  • Flexible Spending Account (FSA)
  • Flexible paid time off and holidays
  • Variable commission program for business development sales roles