At Matter Labs, we believe freedom drives progress and prosperity. We don’t see ourselves as a company, but as a team aligned around a single mission: to advance personal freedom for all (see ZK Credo).
To achieve this goal, we’re building zkSync — a credibly neutral, fully open source technology stack and network on top of Ethereum, which is owned and governed by its community. We use advanced cryptography called zero-knowledge proofs to scale Ethereum infinitely without compromising on security or decentralization. With a world-class team, a community of over 1M supporters across Twitter + Discord, and hundreds of millions $ in funding, we have abundant resources to accomplish the mission.
We are seeking a Protocol Security Engineer to join our Security Team. This role blends hands-on security work with the opportunity to influence protocol security from the earliest stages of development. You’ll focus on safeguarding ZKsync’s core components—smart contracts, ZK circuits, and blockchain nodes—while staying at the forefront of security research and industry best practices.
This role is ideal for someone who is curious, thrives on breaking systems, and wants to apply that mindset ethically in a high-stakes environment.
What You’ll Be Doing
Intentionally breaking things — conducting threat modeling and internal reviews of Solidity contracts, blockchain state transition functions (Rust), and other critical systems
Tracking the latest hacks, exploits, and attack vectors across the industry, and translating lessons learned into actionable security improvements
Embedding security best practices across development teams and influencing secure design
Taking ownership of protocol components with a focus on secure architecture and implementation
Participating in security investigations and incident response, often under time-sensitive and high-pressure conditions
What We’re Looking For
Curiosity & hacker mindset — you want to know how things break, not just how they work
Strong security instincts with the ability to anticipate adversarial behaviors
Familiarity with recent security incidents in the blockchain space and knowledge of prevention techniques
Practical experience with Solidity smart contracts, ZK circuits, or core blockchain protocols (preferred but not required)
Comfort with protocol-level debugging and root-cause analysis
Proficiency in strongly typed languages (e.g., C++, Scala, Go); Rust and Solidity are our primary languages, but prior experience with them is not mandatory
Deep understanding of algorithms, data structures, and their computational/memory complexities
Experience implementing data structures and algorithms from scratch
Fluent written and spoken English
