Security Software Engineer - Blockchain / Web3 - APAC
APAC. Remote
Shardeum Foundation
Shardeum is an EVM-based, linearly scalable network offering low gas fees forever while maintaining true decentralization and solid security.About the Company:
Shardeum is building a layer 1, EVM-based, linearly scalable, smart contract platform that provides low gas fees forever while maintaining true decentralization and solid security through dynamic state sharding. Shardeum aims to be a chain capable of onboarding over a billion people to the crypto revolution, while also democratizing accessibility to decentralization.
Shardeum’s mission is supported by prominent Venture Capitalists in the blockchain space, and we are on track to become one of the most widely used and well known smart contract platforms in blockchain history.
We encourage you to browse our website, Litepaper, Discord and YouTube channel to learn more about the project. You can even try downloading our validator software and joining our Testnet.
We encourage people of all backgrounds and experience levels to apply. Your talent and potential is what matters most to us. Shardeum is committed to creating an inclusive culture.
About The Role:
The Security Engineering team at Shardeum is responsible for delivering the Shardeum Mainnet safely and securely, and furthering the development of the smart contract platform, the consensus layer and the protocol layer. We focus on building scalable, performant, secure and reliable software that can be downloaded by thousands of node operators to actualize the Shardeum network.
We are in search of highly talented, innovative individuals to join our team. If you enjoy solving complex computer science problems, are passionate about what you work on, are a perfectionist who wants to build things the right way - the secure way - and are persistent about finishing what you started, then you're the kind of person we are looking for. You will be working with equally talented and innovative individuals with the goal of building incredible software with the potential to change the world.
What You'll Be Doing:
- Perform proactive assessments covering infrastructure, secure and resilient architecture, data security (including privacy), identity and access management, application and product security
- Be proactive in identifying potential security flaws in code, designs, and processes, and develop strategies and tactics to resolve and mitigate exposed issues
- NodeJS and TypeScript Code Audit: Conduct security audits on code, discover and address potential security vulnerabilities
- Aid in planning organizational security priorities
- Evaluate application architectures for security related concerns, and consult on mitigation options.
- Develop on-chain security strategies and perform security assessments and threat modeling of various blockchain protocols and smart contracts
- Develop security-related activities in the software engineering process (e.g., threat modeling, secure coding practices)
- Design and develop detection capabilities to detect known/unknown hacks in Web3
- Triage vulnerability reports, work with engineering team to develop fixes
- Prioritize and drive the reduction of discovered security issues, vulnerabilities, and risks
- Development and/or use of Security-Related Tools
- NodeJS and TypeScript Code Analysis: Develop and/or use analysis tools for automatic detection of potential security vulnerabilities
- On-chain Incidents Monitoring: Develop and maintain strategies for detecting on-chain attacks, enabling real-time observation and reporting of potential security events
What We're Looking For:
- BS/MS in Computer Science or related fields with security research experience
- Experience performing security architecture and design reviews
- Application Fuzzing and auditing experience
- Experience with Web3 security research a plus
- Good communication skills
- Knowledge of common vulnerabilities in different types of software and programming languages, including:
- How to test for/exploit them
- Real world mitigations that can be applied
- Familiarity with vulnerability classification frameworks (e.g., OWASP Top 10)
- Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited
We'd Love If You Have:
- Experience with concurrency, parallelism and distributed systems
- Familiarity with the Shardeum / Shardus open source repos
- Experience with consensus protocols and other blockchains
- Experience with Node.js and TypeScript, or languages like C, C++, Rust or Go
- Experience writing a smart contract on a blockchain
- Experience running a node in a blockchain network
- Knowledge of cryptography
- Experience with networks and operating systems
- Graduated with high academic scores or with honors
- Won or placed in a hackathon(s)
- Ranked highly on competitive coding sites
- Contributed to open source projects
- Written articles or created videos on technical topics, especially related to blockchain
- Read the Bitcoin and Ethereum whitepapers
- Done something extraordinary
Here’s What Our Interview Process Looks Like:
Depending on calendar availability, from the first stage to the final stage, we do our best to keep the entire process to under two weeks. Our interviews take place via video calls and typically consists of the following stages:
- Internal Recruiter Call (30 to 45 minutes)
- Meet with the Hiring Manager (1 hour)
- Technical Tests (1-3 x 1-2 hours)
- Culture & Values Interview (1 hour)
We are building the infrastructure for Web 3.0. It's going to be a rollercoaster ride but promises to be fun!
About the Founders:
Nischal Shetty: Founder of WazirX, India’s largest crypto exchange with over 10M users and $45B+ trading volume. Prior to WazirX, he built and scaled a social media product called Crowdfire to over 20M users. Previously featured in the Forbes India 30 under 30 list, he is a blockchain evangelist and one of the most notable proponents of crypto in India.
Omar Syed: Omar is a blockchain architect with over 30 years of experience in helping organizations such as NASA, Yahoo, Zynga build fault-tolerant, distributed systems. Omar holds a B.S. and M.S. from Case Western Reserve University with specialization in Artificial Intelligence.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Artificial Intelligence Audits Blockchain C Code analysis Computer Science Crypto Cryptography Exploit IAM Monitoring Node.js Open Source OWASP Privacy Product security Rust Security assessment TypeScript Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs