Security Engineer/Auditor

Remote

Consensys logo
Consensys
Apply now Apply later

Posted 1 month ago

About ConsenSys

ConsenSys is the leading Ethereum software company. We enable developers, enterprises, and people worldwide to build next-generation applications, launch modern financial infrastructure, and access the decentralized web. Our product suite, composed of Infura, Quorum, Codefi, MetaMask, and Diligence, serves millions of users, supports billions of blockchain-based queries for our clients, and has handled billions of dollars in digital assets. Ethereum is the largest programmable blockchain in the world, leading in business adoption, developer community, and DeFi activity. On this trusted, open source foundation, we are building the digital economy of tomorrow. To explore our products and solutions, visit http://consensys.net/.

About ConsenSys Diligence

ConsenSys Diligence helps developers build secure blockchain and smart contract applications.  We are expanding our efforts on smart contract security to meet the needs of a growing list of external clients, including major financial institutions, and  Aave, 0x, Balancer, Uniswap, Status and many more.  Our aim is to build the most technically-gifted, engineering-focused blockchain security team.

We are also the creators of the MythX security analysis service for Ethereum smart contracts, and we maintain a number of standard setting industry references, including the SWC Registry, Smart Contract Best Practices, and Blockchain Security Database.

About the role

Are you looking for the next frontier where you can apply your expertise in penetration testing, Web Application security testing, vulnerability scanning, and threat modelling?  Smart contracts are programs on a blockchain: they never go down, cannot be changed, and run as programmed. These smart contracts directly control money, so security is critical.

We are looking to hire someone with a passion for Solidity, the Ethereum Virtual Machine (EVM), distributed computing and security.  Candidates should relish in technical subtleties and minutiae, and have a passion for combining them with a flair for creativity and insight to hack smart contracts.

This is a fun and challenging full-time position involving hacking, threat modelling, scanning, auditing, designing and enhancing the security of smart contracts across the board.

Alongside client work, we will also provide you with plenty of time for research and development efforts where you can push the state of the art and science of blockchain security.

A significant part of the work can be done remotely from wherever you are; little travel is anticipated (most of the team works remotely around the world).  Along with a focus on technical excellence, we also believe firmly that culture and processes play an essential role in security. 

We are looking for exceptionally intellectual, bright and technically driven individuals who can communicate their ideas clearly while working with clients to achieve their security objectives. 

Qualifications

  • Demonstrated expertise and contributions towards smart contract security, EIPs (Ethereum Improvement Proposals), or research.
  • Strong relevant work experience analyzing the security of systems (penetration testing, Web Application security testing, vulnerability scanning, threat modelling, etc.).
  • 3 years of relevant work experience, including experience in responding to security problems in target-rich environments, looking at security alerts, front-line analysis and response.
  • 1 year demonstrated expertise with Solidity, the EVM, and blockchain
  • Demonstrated ability to work well with clients, and communicate clearly and concisely in a written format

Nice to haves

  • Publicly visible audit reports in your portfolio
  • BS degree in a relevant field or equivalent practical experience
  • Experience blogging or presenting on security related topics
  • Experience building tooling in javascript, typescript or python
  • Advanced degree (MS, PhD) in a relevant field

Here are some of the perks of being part of a unique organization like ConsenSys:

    • One of the most recognized tech companies in the blockchain ecosystem globally. A work experience at ConsenSys is a tremendous reference for your future career. ConsenSys alumni have moved on to become tech entrepreneurs, CEOs, and team leads at tech companies.
    • The forefront of a revolution. We fundamentally believe blockchain is a next generation of technology that  can lay the foundation for a more just and equitable society. You can be a part of building the digital economy of tomorrow and radically transforming our society for the better.
    • A dynamic startup environment with deep roots. We are one of the earliest blockchain companies and a leader in the space.  You’ll join a network of entrepreneurs and technologists that reaches the edge of our ecosystem.   
    • Deep technical challenges. Blockchain  technology is just over 10 years old. Ethereum itself is still a toddler. There is much to be done before these platforms can scale to the order of millions or billions of users. We are building the tools, infrastructure and applications l that are pushing the technology forward.
    • Continuous learning and improvements. You’ll be constantly exposed to new concepts, ideas and frameworks from your peers and as you work on different projects — challenging you to stay at the top of your game.

ConsenSys is an equal opportunity employer. We encourage people from all backgrounds to apply. We are committed to ensuring that our technology is made available and accessible to everyone. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law.

Job tags: Auditing Go JavaScript Open Source Penetration testing Python
Share this job: