Zokyo
Senior Security Engineer (Smart Contract Auditor)
Zokyo is actively seeking a seasoned Solidity/Rust/Move auditor to join our dynamic and mission-driven team.
About Zokyo
In 2023, $2 billion was lost to crypto theft. Established in 2018, Zokyo is dedicated to securing web3, tackling unique challenges in cryptocurrency such as security breaches, proactive threat intelligence, social engineering, and economic hacks. We serve top web3 organizations, Fortune 500 companies, governments, and gaming enterprises.
Culture
Our 100% remote team emphasizes culture, learning, and tackling significant challenges. We are a global collection of elite cybersecurity professionals who thrive on independence and impactful work in cutting-edge technologies. The ideal candidate will receive a competitive salary with commission. Benefits include unlimited vacation, travel opportunities, and the chance to be part of a team with a true passion for web3 and freedom.
Job Description
As the Senior Security Engineer at Zokyo, you will play a pivotal role in contributing to our security initiatives. This is a high-impact position that demands strong technical knowledge and collaboration within the team.
Responsibilities:
- Conduct manual security assessments and testing of smart contracts, identifying critical, high, and low-risk vulnerabilities.
- Communicate assessment findings and necessary remediations clearly and professionally to the team.
- Work autonomously and collaboratively on unique assignments that may require specialized knowledge and experience.
- Adhere to ethical standards in white-hat hacking practices.
- Conduct technical team training.
- Perform security research.
Requirements:
- Solid experience in Solidity, Rust, and Move smart contract audits.
- Proficient in at least one programming language.
- In-depth knowledge of blockchain and smart contract implementations.
- Critical thinking skills to identify technical and non-technical risks.
- Ability to write technical reports and communicate technical content to non-technical audiences.
- Relevant security certifications are a plus but not required (OSCP, OSCE, GPEN, GWAPT, LPT, CISSP).