Blockchain Security Expert - Security Audit Track

About the Role

The primary responsibility of this role is for CertiK’s security-related services. Intersecting cybersecurity and blockchain, CertiK’s security offerings include security consulting, security reviews, security auditing of smart contracts and blockchains, verification of smart contracts, penetration testing, and more.

As a Security Engineer at CertiK, you will contribute to the security offerings of the company, working with the rest of the security team to deliver the best products and services. You might engage directly with CertiK’s existing and future clients, participate in expanding security-related products and services, and follow the blockchain world on emerging security problems and trends.

Responsibilities

• Perform end-to-end security services, including consulting, reviewing, auditing, verifying, testing, and delivering detailed security assessments for blockchain systems such as smart contracts, web3 protocols, L1/L2/L3 infrastructures, and dApps.
• Conduct comprehensive manual code reviews to identify vulnerabilities, logical flaws, economic attacks, and non-obvious edge cases across Solidity, Golang, Rust or other blockchain languages.
• Develop and refine threat models and attack surfaces, covering economic, technical, operational, and trust-assumption risks for blockchain protocols.
• Design and execute security tests, including property-based testing and gas-related analysis.

Requirements

• Bachelor's degree in Security, Computer Science, Mathematics, Physics, and Engineering
• The ability to efficiently triage and juggle multiple priorities and deadlines.
• Specialist-level knowledge of cybersecurity and security auditing. Can write and deploy smart contracts/blockchain infrastructure and write tests with frameworks.
• Familiar with classic attack vectors and vulnerabilities such as reentrancy, sandwich attacks, overflow/underflow
• The ability to effectively communicate with the clients and internal team, both verbally in English and in writing, about security services and requirements.
• [Preferred] Prior hands-on security auditing experience.