Security Engineer: Solana/Rust
Asymmetric Research
Asymmetric Research:
Asymmetric Research ("AR") is a boutique security venture focused on deep partnerships with L1/L2 blockchains and DeFi protocols in an effort to keep them safe. We specialize in four core domains of web3 security; research, engineering, incident response, and infrastructure services.
Culture:
AR is a fully remote organization and members of our team have been strongly committed to open-source values for decades, having worked at organizations with deep open-source roots and strong security programs including Google, Netflix, Mozilla, Stripe, and Jump Crypto. We pride ourselves on maintaining the highest levels of confidentiality, trust, and professionalism.
Responsibilities:
Design and implement security and defense-in-depth controls to prevent and limit vulnerabilities.
Perform cutting edge security research in Solana and other Rust-based smart contract platforms.
Develop security tooling and developer workflows to aid in the early detection of vulnerabilities.
Collaborate with core contributors to conduct internal security audits.
Shepherd external security audits with the help of leading 3rd party audit firms.
Operate leading bug bounty programs on Immunefi.
Work in a diverse decentralized team environment with web3 professionals.
Clearly communicate security risks and solutions.
Adhere to the highest standards of integrity, trust, and professionalism.
Requirements:
Strong desire to understand how things work, and the ability to quickly absorb new information.
Familiarity with at least one or more Rust-based smart contract platforms, including Solana, Cosmwasm, NEAR (strong preference to pre-existing Solana experience).
Proven experience as either a consultant, engineer, bug bounty hunter or auditor.
Prior experience working with open source development practices.
Willingness and aptitude to learn multiple Rust-based runtimes.
Understanding of blockchain infrastructure technologies, such as bridging or oracles.
Prior experience with reverse engineering and/or fuzzing.
Prior experience with code reviews
Prior leaderboard ranking on bug bounty, code contest, or CTF competitions.
Benefits:
25-days paid vacation
Office and equipment stipend
Pension / 401K programs
Life Insurance
Premium Healthcare
Competitive Base Salary
Lucrative Bonus Programs