Security Engineer (Penetration Testing)

Why Us?

CertiK is a forward-thinking leader in blockchain security, using advanced AI technology to safeguard and monitor blockchain protocols and smart contracts. Established in 2018 by experts from distinguished universities, CertiK is dedicated to securing the web3 world by merging academic innovations with enterprise solutions.

About the Role

The key responsibility of this position revolves around CertiK's security services. Combining cybersecurity with blockchain expertise, CertiK's security services encompass consultancy, reviews, auditing of smart contracts and blockchains, verification of smart contracts, penetration testing, and more. We seek an individual with a strong interest in application security and penetration testing. This challenging full-time role entails various tasks such as hacking, threat modeling, auditing, and enhancing application security. Alongside client interactions, you will have numerous opportunities to contribute to our research and development initiatives, thereby elevating blockchain security standards.

Responsibilities

• Conduct security assessments on web, mobile, thick client applications, and browser extensions.
• Execute external and internal network penetration tests.
• Collaborate with external blockchain developers to audit code and secure products like smart contracts and dApps.
• Generate detailed pentest reports tailored for both technical and non-technical audiences.
• Engage in Research and development to create innovative techniques, tools, and methodologies for pentesting applications in the Blockchain sector.
• Contribute to the community by developing tools, delivering presentations, and creating blog posts.

Requirements

• Enthusiasm for Cryptocurrency, DeFi, and Blockchain.
• Proficiency in Solidity programming language and smart contracts.
• At least 3 years of experience in application security and penetration testing.
• Bachelor's degree in Computer Science, Security Information, or related field (Master's or PhD preferred).
• Proficiency in programming using scripting languages like Python, Perl, Ruby, and Bash.
• Deep comprehension of cryptography.
• Strong verbal and written communication skills.

Bonus Points

• Possession of certifications like OSCP, OSWE, OSCE, GWAPT, etc.
• Familiarity with cloud platforms such as AWS, Azure, and GCP.
• Experience in smart contract security auditing.
• Participation in bug bounty programs.
• Publication of security-related blog posts.
• Speaking engagements at security conferences or local meetups.

About the Company

CertiK, a fast-growing and reputable entity in blockchain security, boasts a rich history of collaborating with prominent Enterprise clients, securing substantial digital assets, and identifying numerous vulnerabilities in blockchain code. The company's stellar performance and track record have attracted investments from notable investors.

Compensation

The anticipated annual salary range for this role in the US is $100,000 - $140,000, contingent upon the skills and experience of potential candidates.

In accordance with federal regulations, all hires must verify identity and work eligibility in the US.

CertiK is an equal opportunity employer, committed to fostering diversity and inclusivity among its workforce. Hiring decisions are made without discrimination based on various protected characteristics.

CertiK employees are encouraged to actively support diversity within their teams and the Company.