Security Engineer (Penetration Testing)
New York / Remote
Applications have closed
CertiK
CertiK is the leading security-focused ranking platform to analyze and monitor blockchain protocols and DeFi projects. CertiK is one of the fastest growing and most trusted companies in blockchain security and has become a true market leader. To date, we have collectively worked with over 1800 enterprise clients, helped secure over $310 billion worth of digital assets, and detected over 31,000 vulnerabilities in blockchain code. Our clients include leading projects such as Aave, Polygon, Binance Smart Chain, Terra, Yearn, and Chiliz.
CertiK just raised over $140 million and is backed by Coatue, Tiger Global, Sequoia, and Hillhouse Capital.
About the Role
This role is primarily responsible for CertiK’s security-related services. Intersecting cybersecurity and blockchain, CertiK’s security offerings include security consulting, security reviews, security auditing of smart contracts and blockchains, verification of smart contracts, penetration testing, and more. We are looking to hire someone with a passion for application security and penetration testing. This is a fun and challenging full-time position. If you are excited about hacking, threat modeling, scanning, auditing, designing, and enhancing the security of applications across the board, then you will thrive in this role. While you work with clients, we will also provide you with plenty of opportunities to get involved with research and development efforts to help us raise the standards of blockchain security.
Responsibilities
- Perform security assessments of web, mobile, and thick-client applications and browser extensions
- Perform external and internal network penetration tests
- Security source code review
- Develop comprehensive pentest reports for technical and non-technical audiences
- Research and develop innovative techniques, tools, and methodologies for pentesting applications in the Blockchain space
- Contribute to the community through the development of tools, presentations, and blog posts
Requirements
- Passionate about Cryptocurrency/DeFi/Blockchain
- Minimum of 3 years experience with application security and penetration testing
- BS/MS/PhD in Computer Science/Security Information
- Experience in programming with scripting languages such as Python, Perl, Ruby and Bash
- Solid understanding of cryptography
- Strong spoken and written communication skills
Bonus Points
- OSCP, OSWE, OSCE, GWAPT or comparable certification
- Familiar with cloud platforms such as AWS, Azure and GCP
- Experienced with smart contract security audits
- Participated in bug bounty programs
- Published security-related blog posts
- Spoke at security conferences and/or local meetups
CertiK is proud to offer medical, vision, and dental insurance, 401(k) plan with company matching, life and accidental death and dismemberment insurance, HSA (with high deductible plan), FSA, and other benefits to all full-time employees, along with flexible paid time off and holidays.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.
CertiK is proud to be an equal opportunity employer. We will not discriminate against any applicant or employee on the basis of age, race, color, creed, religion, sex, sexual orientation, gender, gender identity or expression, medical condition, national origin, ancestry, citizenship, marital status or civil partnership/union status, physical or mental disability, pregnancy, childbirth, genetic information, military and veteran status, or any other basis prohibited by applicable federal, state or local law.
CertiK will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements.
https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf
All CertiK employees are expected to actively support diversity on their teams, and in the Company.
Tags: Application security Audits AWS Azure Bash Blockchain Cloud Compliance Computer Science Cryptography GCP GWAPT OSCE OSCP OSWE Pentesting Perl PhD Python Ruby Scripting Security assessment Vulnerabilities
Perks/benefits: Conferences Flex vacation Health care Insurance Salary bonus