Security Engineer - Blockchain / Web3
About the Company:
Shardeum is building a layer 1, EVM-based, linearly scalable, smart contract platform that provides low gas fees forever while maintaining true decentralization and solid security through dynamic state sharding. Shardeum aims to be a chain capable of onboarding over a billion people to the crypto revolution, while also democratizing accessibility to decentralization.
Shardeum’s mission is supported by prominent Venture Capitalists in the blockchain space, and we are on track to become one of the most widely used and well known smart contract platforms in blockchain history.
We encourage people of all backgrounds and experience levels to apply. Your talent and potential is what matters most to us. Shardeum is committed to creating an inclusive culture.
About The Role:
The Security Engineering team at Shardeum is responsible for delivering the Shardeum Mainnet safely and securely, and furthering the development of the smart contract platform, the consensus layer and the protocol layer. We focus on building scalable, performant, secure and reliable software that can be downloaded by thousands of node operators to actualize the Shardeum network.
We are in search of highly talented, innovative individuals to join our team. If you enjoy solving complex computer science problems, are passionate about what you work on, are a perfectionist who wants to build things the right way - the secure way - and are persistent about finishing what you started, then you’re the kind of person we are looking for. You will be working with equally talented and innovative individuals with the goal of building incredible software with the potential to change the world.
What You’ll Be Doing:
- Perform proactive assessments covering infrastructure, secure and resilient architecture, data security (including privacy), identity and access management, application and product security
- Be proactive in identifying potential security flaws in code, designs, and processes, and develop strategies and tactics to resolve and mitigate exposed issues
- NodeJS and TypeScript Code Audit: Conduct security audits on code, discover and address potential security vulnerabilities
- Aid in planning organizational security priorities
- Evaluate application architectures for security related concerns, and consult on mitigation options.
- Develop on-chain security strategies and perform security assessments and threat modeling of various blockchain protocols and smart contracts
- Develop security-related activities in the software engineering process (e.g., threat modeling, secure coding practices)
- Design and develop detection capabilities to detect known/unknown hacks in Web3
- Triage vulnerability reports, work with engineering team to develop fixes
- Prioritize and drive the reduction of discovered security issues, vulnerabilities, and risks
- Development and/or use of Security-Related Tools
- NodeJS and TypeScript Code Analysis: Develop and/or use analysis tools for automatic detection of potential security vulnerabilities
- On-chain Incidents Monitoring: Develop and maintain strategies for detecting on-chain attacks, enabling real-time observation and reporting of potential security events
What We’re Looking For:
- BS/MS in Computer Science or related fields with security research experience
- Experience performing security architecture and design reviews
- Application Fuzzing and auditing experience
- Experience with Web3 security research a plus
- Good communication skills
- Knowledge of common vulnerabilities in different types of software and programming languages, including:
- How to test for/exploit them
- Real world mitigations that can be applied
- Familiarity with vulnerability classification frameworks (e.g., OWASP Top 10)
- Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited
We’d Love If You Have:
- Experience with concurrency, parallelism and distributed systems
- Familiarity with the Shardeum / Shardus open source repos
- Experience with consensus protocols and other blockchains
- Experience with Node.js and TypeScript, or languages like C, C++, Rust or Go
- Experience writing a smart contract on a blockchain
- Experience running a node in a blockchain network
- Knowledge of cryptography
- Experience with networks and operating systems
- Graduated with high academic scores or with honors
- Won or placed in a hackathon(s)
- Ranked highly on competitive coding sites
- Contributed to open source projects
- Written articles or created videos on technical topics, especially related to blockchain
- Read the Bitcoin and Ethereum whitepapers
- Done something extraordinary
Here’s What Our Interview Process Looks Like:
Depending on calendar availability, from the first stage to the final stage, we do our best to keep the entire process to under two weeks. Our interviews take place via video calls and typically consists of the following stages:
- Internal Recruiter Call (30 to 45 minutes)
- Meet with the Hiring Manager (1 hour)
- Technical Tests (1-3 x 1-2 hours)
- Culture & Values Interview (1 hour)
Ideal Location For This Role
This is a fully remote role, however we prefer candidates who can work during or overlap with the US Central time zone.
We are building the infrastructure for Web 3.0. It’s going to be a rollercoaster ride but promises to be fun!
About the Founders:
Nischal Shetty: Founder of WazirX, India’s largest crypto exchange with over 10M users and $45B+ trading volume. Prior to WazirX, he built and scaled a social media product called Crowdfire to over 20M users. Previously featured in the Forbes India 30 under 30 list, he is a blockchain evangelist and one of the most notable proponents of crypto in India.
Omar Syed: Omar is a blockchain architect with over 30 years of experience in helping organizations such as NASA, Yahoo, Zynga build fault-tolerant, distributed systems. Omar holds a B.S. and M.S. from Case Western Reserve University with specialization in Artificial Intelligence.