Senior Product Security Engineer
Remote within EU or APAC
Swirlds Labs
About Swirlds Labs:
We are a fast-growing company built around a revolutionary technology — the hashgraph consensus algorithm. Hedera Hashgraph is well-suited to become the world’s first mass-adopted distributed public ledger because it is blazing fast, highly secure, and ensures fairness. We are on a mission to create a trusted and empowered digital future for everyone; a cyberspace where you work, play, buy, sell, create, and engage socially; where you have safety and privacy in your digital communities; where you feel confident when interacting with others; where you own and control your information. Join us and say, “Hello future.”
You may find yourself doing all of the following:
- Conducting comprehensive security assessments of blockchain-based systems, focusing on web3 security and smart contract security
- Writing malicious smart contracts to exploit and identify vulnerabilities in the Hedera blockchain
- Developing and implementing security strategies and best practices for the Hedera blockchain protocols
- Collaborating with development teams to integrate security measures into the design and implementation of blockchain solutions
- Designing and executing penetration testing and vulnerability assessments on blockchain networks and associated components
- Staying updated on emerging threats and vulnerabilities in the blockchain space and providing guidance on mitigation strategies
- Educating internal stakeholders on blockchain security best practices and principles
- Contributing to the development of security tools and frameworks tailored for blockchain environments
- Assisting in incident response activities related to blockchain security incidents
- Participating in security awareness training programs for internal stakeholders
Qualification Requirements:
- Bachelor's or Master's degree in Computer Science, Information Security, Blockchain, Cryptography, or related field (or equivalent experience)
- 8+ years of experience in product security, application security, or penetration testing
- of which 2+ years of experience in blockchain security, smart contract auditing, or related roles
- Proficiency in smart contract languages such as Solidity or Rust and familiarity with blockchain platforms like Ethereum; knowledge of the Hedera Blockchain is a plus
- Strong understanding of web3 technologies and protocols (e.g., Gossip, Ethereum, IPFS, Whisper)
- Experience with security assessment tools and methodologies specific to blockchain environments
- Familiarity with common blockchain security vulnerabilities and attack vectors
- Knowledge of cryptographic principles and protocols relevant to blockchain security
- Excellent problem-solving skills and ability to analyze complex systems
- Effective communication skills and ability to work collaboratively with cross-functional teams
- Hands-on experience with security testing tools such as static analysis, dynamic analysis, and fuzzing tools
Other skills that are great to bring with you but that we can help you develop:
- Relevant certifications (e.g., OSCP, OSEP, OSWA, OSWE); relevant certifications in blockchain security or related areas (e.g., Certified Blockchain Security Professional) are a plus
- Experience in Bug bounty, Security Research, CVE publications, Red teaming, and attack surface management
- Experience with cloud environments (e.g., GCP, AWS)
- Understanding of common programming languages and scripting languages, such as Python, PowerShell, or Bash
- Experience with containerization and orchestration technologies, such as Docker and Kubernetes, and their associated security best practices
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits AWS Bash Blockchain Cloud Computer Science Cryptography Docker Exploit GCP Incident response Kubernetes OSCP OSWE Pentesting PowerShell Privacy Product security Python Red team Rust Scripting Security assessment Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs