Rust/Solana Auditor

This is a boutique security venture focused on deep partnerships with L1/L2 blockchains and DeFi protocols in an effort to keep them safe. We specialize in four core domains of Web3 security: research, engineering, incident response, and infrastructure services.

Culture

We are a fully remote organization, and members of our team have been strongly committed to open-source values for decades, having worked at organizations with deep open-source roots and strong security programs including Google, Netflix, Mozilla, Stripe, and Jump Crypto. We pride ourselves on maintaining the highest levels of confidentiality, trust, and professionalism.

Responsibilities

  • Design and implement security and defense-in-depth controls to prevent and limit vulnerabilities.
  • Perform cutting-edge security research in Solana and other Rust-based smart contract platforms.
  • Develop security tooling and developer workflows to aid in the early detection of vulnerabilities.
  • Collaborate with core contributors to conduct internal security audits.
  • Shepherd external security audits with the help of leading third-party audit firms.
  • Operate leading bug bounty programs on Immunefi.
  • Work in a diverse decentralized team environment with Web3 professionals.
  • Clearly communicate security risks and solutions.
  • Adhere to the highest standards of integrity, trust, and professionalism.

Requirements

  • Strong desire to understand how things work, and the ability to quickly absorb new information.
  • Familiarity with one or more Rust-based smart contract platforms, including Solana, CosmWasm, and NEAR (strong preference for pre-existing Solana experience).
  • Proven experience as either a consultant, engineer, bug bounty hunter, or auditor.
  • Prior experience working with open source development practices.
  • Willingness and aptitude to learn multiple Rust-based runtimes.
  • Understanding of blockchain infrastructure technologies, such as bridging or oracles.
  • Prior experience with reverse engineering and/or fuzzing.
  • Prior experience with code reviews.
  • Prior leaderboard ranking on bug bounty, code contest, or CTF competitions.

Benefits

  • 25 days of paid vacation.
  • Office and equipment stipend.
  • Pension / 401K programs.
  • Life Insurance.
  • Premium Healthcare.
  • Competitive Base Salary.
  • Lucrative Bonus Programs.

 
