CertiK

Sr. Security Engineer (Penetration Testing)

Reposted 23 Days Ago

2 Locations

Remote

100K-180K Annually

Mid level

Artificial Intelligence • Blockchain

The Role

This role involves performing security assessments, penetration testing, and security reviews for applications and smart contracts, while contributing to research and community efforts.

Summary Generated by Built In

Why Us?

CertiK is a pioneer in blockchain security, leveraging best-in-class AI technology to protect and monitor blockchain protocols and smart contracts. Founded in 2018 by professors from Yale University and Columbia University, CertiK’s mission is to secure the web3 world. CertiK applies cutting-edge innovations from academia to enterprise, enabling mission-critical applications to scale with safety and correctness.

About the Role

The primary responsibility of this role is for CertiK’s security-related services. Intersecting cybersecurity and blockchain, CertiK’s security offerings include security consulting, security reviews, security auditing of smart contracts and blockchains, verification of smart contracts, penetration testing, and more. We are looking to hire someone with a passion for application security and penetration testing. This is a fun and challenging full-time position. If you are excited about hacking, threat modeling, scanning, auditing, designing, and enhancing the security of applications across the board then you will thrive in this role. While you work with clients, we will also provide you with plenty of opportunities to get involved with research and development efforts to help us raise the standards of blockchain security.

Responsibilities

Perform security assessments on web, mobile, thick client applications, and browser extensions
Conduct external and internal network penetration tests
Perform security source code reviews
Perform cloud security reviews
Develop comprehensive pentest reports for both technical and non-technical audiences
Research and develop innovative techniques, tools, and methodologies for pentesting applications in the blockchain space
Contribute to the community by developing tools, presentations, and blog posts

Requirements

Passionate about cryptocurrency, DeFi, and blockchain, with a willingness to learn Web3 technologies such as smart contracts
Minimum of 4 years of experience in application security and penetration testing
Experienced in source code review for different languages, with a strong understanding of JavaScript and TypeScript
Experienced in mobile application penetration testing
Familiar with cloud platforms and their security risks, such as AWS, Azure, and GCP
Experience in programming with scripting languages such as Python and Bash
Solid understanding of cryptography
BS/MS/PhD in Computer Science or Information Security
Strong spoken and written communication skills

Bonus Points

Experienced in pentesting Web3 applications such as crypto exchanges, wallets, Dapps, and key custodian solutions
Experienced in smart contract security audits
Familiar with browser extension architecture and security risks
Actively participate in the blockchain security community
OSCP, OSWE, OSCE, GWAPT, or comparable certification
Participated in bug bounty programs and audit contests
Published security-related blog posts and spoken at security conferences and/or local meetups

About the Company

One of the fastest-growing and most trusted companies in blockchain security, CertiK is a true market leader. To date, CertiK has worked with over 3,200 Enterprise clients, secured over $310 billion worth of digital assets, and has detected over 60,000 vulnerabilities in blockchain code. Our clients include leading projects such as Aave, Polygon, Binance Smart Chain, Terra, Yearn, and Chiliz.

Investors = Insight Partners, Sequoia, Tiger Global, Coatue Management, Lightspeed, Advent International, SoftBank, Hillhouse Capital, Goldman Sachs, Coinbase Ventures, Binance, Shunwei Capital, IDG Capital, Wing, Legend Star, Danhua Capital and other investors.

Compensation

Target annual base salary for this role performed in the US is $100,000 - $180,000. The exact compensation at which this job is filled will be determined by the skills and experience of qualified candidates.

#LI-Remote

#blockchain

#startups

#hiring

CertiK accepts applications for this position on an ongoing basis.

CertiK is proud to offer medical, vision, and dental insurance, 401(k) plan with company matching, life and accidental death and dismemberment insurance, HSA (with high deductible plan), FSA, and other benefits to all full-time employees, along with flexible paid time off and holidays. CertiK also offers a variable commission program for business development sales roles.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

CertiK is proud to be an equal opportunity employer. We will not discriminate against any applicant or employee on the basis of age, race, color, creed, religion, sex, sexual orientation, gender, gender identity or expression, medical condition, national origin, ancestry, citizenship, marital status or civil partnership/union status, physical or mental disability, pregnancy, childbirth, genetic information, military and veteran status, or any other basis prohibited by applicable federal, state or local law.

CertiK will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements.

https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf

All CertiK employees are expected to actively support diversity on their teams, and in the Company.

Top Skills

AWS

Azure

Bash

GCP

JavaScript

Python

Typescript

View all jobs at CertiK

View CertiK Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

New York, NY

133 Employees

Year Founded: 2018

What We Do

Founded in 2018 by professors of Yale University and Columbia University, CertiK is a pioneer in blockchain security, utilizing best-in-class AI technology to secure and monitor blockchain protocols and smart contracts. CertiK’s mission is to secure the cyber world. Starting with blockchain, CertiK applies cutting-edge innovations from academia into enterprise, enabling mission-critical applications to be built with security and correctness.

CertiK is one of the fastest growing and most trusted companies in blockchain security and has become a true market leader. To date, we have collectively worked with over 1300 enterprise clients, helped secure over $90 billion worth of digital assets, and detected over 23,000 vulnerabilities in blockchain code. Our clients include leading projects such as Aave, Polygon, Binance Smart Chain, Terra, Yearn, and Chiliz. Our Q1 2021 revenues have more than quadrupled the revenue of the full 2020 year. Since Q1 2020, our team size has more than doubled, and this rate of growth will continue in 2021, creating a highly effective, remote-friendly culture with talents located worldwide.

CertiK just raised over $60 million in Series B and B+ funding rounds in 2021. Our investors include top VCs like Tiger Global, Coatue Management, Shunwei Capital and Hillhouse Capital as well as industry leaders like Coinbase Ventures and Binance.