Blockchain Security Analyst - remote

Trail of Bits
Posted 3 years ago
We Work Remotely
Role
Our growing team is directing the future of blockchain security. We review blockchain code and smart contracts for security vulnerabilities. Between engagements, we build custom tools like Manticore, Ethersplay, Slither, and Echidna to aid our process. Think of all of the security tools for x86 that you would have liked to have built yourself, but mature versions already existed. Few of those tools have been built yet for blockchain architectures. Join us to make a career-defining contribution.

You will be at the forefront of blockchain security research. You will review smart contracts, blockchain infrastructure code, and decentralized applications for security vulnerabilities using a combination of manual static analysis and our tool suite. In your time between engagements, you will help improve our existing tooling and create new tools and analytics. Other practitioners will come to rely on your work. You will make a name for yourself in this nascent discipline.

Responsibilities
  • Work directly with the leading blockchain industry teams to review their code and help secure their products
  • Design and implement solutions to difficult engineering and research problems
  • Collaborate with teammates to maintain and continually improve our existing blockchain security tools using modern software engineering practices
  • Develop new blockchain security tools

Requirements
(Required)
  • 2+ years of experience in pure blockchain engineering and 1 year of experience in solidity security analysis.
  • The ideal candidate has multiple years in traditional security, before working in the blockchain space.
  • The position has no location restriction, but does require some overlap with EST working hours.
  • Solid understanding of the Ethereum Virtual Machine and Yellow Paper
  • Fluency in Solidity development and deployment of smart contracts.
  • High level understanding of common cryptographic vulnerabilities
  • Experience with library and API design
  • Strong debugging skills and/or experience with reverse engineering

(Nice to have)
  • Experience with Python, JavaScript, and TypeScript.
  • Proficiency with Linux and Git
  • Great written and spoken communication skills. We highly encourage all engineers to get regular face-time with customers, to write company blog posts about their accomplishments, and to deliver presentations to the technical community.