Responsibilities:
• Conduct realistic adversary simulations from conception through reporting.
• Perform Testing systems, applications, networks and processes.
• Research cutting-edge offensive security techniques.
• Developing tools and exploits.
• Communicate clearly and effectively, both written and orally, the risks that exist and remediations required.
• Work collaboratively and independently on unique or special assignments which may require specialized knowledge and/or experience.
• Comply with Company, Division and Professional ethical standards.
Requirements:
• A passion for the blockchain industry
• 3+ year of experience in application development in Rust (blockchain or smart contract development experience is a plus)
• 2+ years of offensive security experience.
• Experience in WASM/BPF is a plus
• Understanding of system administration and network administration.
• Experience using common penetration testing tools, BurpSuite, Metasploit, etc.
• Practical reverse engineering and fuzzing experience is a plus
• Proficient in at least 1 scripting language.
• Proficiency with common server and workstation operating systems.
• Proficient in testing modern web application languages and frameworks.
• Proficient knowledge of blockchain and smart contract implementations.
• Deep understanding of main Rust-based smart contract runtimes:
• CosmWasm
• Solana
• Substrate/Polkadot
• NEAR
• Ability to think critically and identify areas of technical and non-technical risk.
• Ability to write technical reports and communicate technical content to non-technical audiences.
• Relevant security certifications are a plus, but not required (OSCP, OSCE, GPEN, GWAPT, LPT, CISSP).
All candidates who make it past 2nd round will be required to:
-
Pass background and criminal record check
-
Provide x3 relevant references
