Responsibilities:

• Conduct realistic adversary simulations from conception through reporting.

• Perform Testing systems, applications, networks and processes.

• Research cutting-edge offensive security techniques.

• Developing tools and exploits.

• Communicate clearly and effectively, both written and orally, the risks that exist and remediations required.

• Work collaboratively and independently on unique or special assignments which may require specialized knowledge and/or experience.

• Comply with Company, Division and Professional ethical standards.

Requirements:

• A passion for the blockchain industry

• 3+ year of experience in application development in Rust (blockchain or smart contract development experience is a plus)

• 2+ years of offensive security experience.

• Experience in WASM/BPF is a plus

• Understanding of system administration and network administration.

• Experience using common penetration testing tools, BurpSuite, Metasploit, etc.

• Practical reverse engineering and fuzzing experience is a plus

• Proficient in at least 1 scripting language.

• Proficiency with common server and workstation operating systems.

• Proficient in testing modern web application languages and frameworks.

• Proficient knowledge of blockchain and smart contract implementations.

• Deep understanding of main Rust-based smart contract runtimes:

   • CosmWasm

   • Solana

   • Substrate/Polkadot

    • NEAR

• Ability to think critically and identify areas of technical and non-technical risk.

• Ability to write technical reports and communicate technical content to non-technical audiences.

• Relevant security certifications are a plus, but not required (OSCP, OSCE, GPEN, GWAPT, LPT, CISSP).

All candidates who make it past 2nd round  will be required to: 

• Pass background and criminal record check

• Provide x3 relevant references