Smart Contract Auditors
CryptoSec is focused on facilitating and protecting the decentralized, programmable future of everything by helping our clients manage related cybersecurity, privacy, regulatory, financial crime and operational risks.
We have a thriving, fully-remote, collaborative culture in which we value curiosity, passion, continuous learning, accountability, honesty, diversity of thought, and constructive conflict. We abhor organizational bullshit in all its dimensions.
…and we’re hiring!
What you will do
- The Smart Contract Auditor will review security of the various smart contracts and protocols within the DeFi ecosystem (primarily Solidity contracts)
- Identify vulnerabilities, design and architectural flaws, quality improvement, and ways to mitigate future risk
- Write clear and concise reports and “action-steps” for developers to quickly mitigate and fix any issues discovered
- Interact with developers, and key stakeholders when identifying and handling security issues
- Demonstrated expertise with Solidity, EVM, and blockchain
- Experience developing and building on DeFi protocols and smart contracts
- Proven experience writing smart contracts and familiarity with Solidity libraries
- Good understanding of the Ethereum blockchain and dApp architecture
- Understanding of Layer 2 solutions and cross-chain bridge technologies
- Experience with compiler, parser, and assembler of smart contract bytecode
- Static analysis and dynamic analysis of bytecode and source code
- Experience with auditing smart contracts and assessing smart contract security risks
- Knowledge of best practices for smart contract development
- Experience with discovering vulnerabilities at design/system level
- Knowledgeable of smart contract vulnerability and hands-on experience to exploit these vulnerability
- Solid understanding of relevant common vulnerability classes and hands-on experience with exploiting these vulnerabilities
- Knowledgeable on various security analysis tools on smart contract and hands-on experience to setup and use it
- Focus on improving real-world security, not compliance
- Pro-active problem solver
- Strong communication and collaboration skills
- Strong sense of ownership
- Proficient English communication, both written and spoken
- Fuzzing and formal verification as a big plus
You belong here
Most roles with CryptoSec are globally remote based. We encourage you to apply regardless of your location.
We also encourage you to apply regardless of your race, color, ethnicity, national origin, sex (including pregnancy, childbirth, reproductive health decisions), sexual orientation, gender identity, gender expression, age, spirituality, experience, genetic characteristics, disability, and more.
We proudly, passionately, and actively strive to make our team more inclusive and reflective of the global and diverse client base we serve. We believe that diversity of work experiences, life experiences, and thought makes us stronger. We are committed to helping diverse talent thrive.
Beyond usual accommodations for applicants with physical and mental disabilities, we are willing to work with you to adapt our interview process to reduce any risks of interviewers’ unconscious bias. Let us know at [email protected] if you have particular concerns and prior to the interview process we will work with you to design a process that minimizes your concerns. Such accommodations might include anonymous and location-free CVs and interviews in initial phases; a selection process fully based only on your ability to execute a task without any conversational interviews; your inputs into the interview panel members selection; and others.