Responsibilities
- Conduct realistic adversary simulations from conception through reporting.Perform Testing systems, applications, networks and processes.
- Research cutting-edge offensive security techniques.
- Developing tools and exploits.
- Communicate clearly and effectively, both written and orally, the risks that exist and remediations required.
- Work collaboratively and independently on unique or special assignments which may require specialized knowledge and/or experience.
- Comply with Company, Division and Professional ethical standards.
Requirements
- A passion for the cryptocurrency industry.
- Experience in smart contract audits (suggested).
- 5+ years of offensive security experience.
- 2+ years of experience auditing DeFi protocols (Solidity, Solana or any Rust-based protocol).
- Experience using common penetration testing tools, BurpSuite, Metasploit, etc.
- Proficient in at least 1 scripting language.
- Proficiency with common server and workstation operating systems.
- Mastery in testing modern web application languages and frameworks.
- Mastery in testing modern authentication systems and Identity Providers.
- Proficient knowledge of blockchain and smart contract implementations.
- Ability to think critically and identify areas of technical and non-technical risk.
- Ability to write technical reports and communicate technical content to non-technical audiences.
- Relevant security certifications are a plus, but not required (OSCP, OSCE, GPEN, GWAPT, LPT, CISSP).
All candidates who make it past 2nd round will be required to:
- Pass background and criminal record check
- Provide x3 relevant references