Protochain is a research-oriented development and trading firm focused on building the future of crypto infrastructure and markets.
We're a team of both builders and traders who work to unlock the long-term potential of crypto by building a suite of products, contributing to decentralized protocols and open-source codebases, and improving market structure. We are based out of New York City, with the possibility to be remote depending on the position.
As a Blockchain Security Engineer at Protochain, you will partner with project leads, researchers, and other senior developers on strategic efforts to secure blockchain projects within high value ecosystems. You will be working across multiple layer 1 blockchains, securing both on-chain and off-chain logic to build and support new functionality. You’ll also contribute to internal and external tooling as part of our effort to make smart contract programming safer and more maintainable.
What You'll Do:
- Audit smart contracts that serve as critical infrastructure to blockchain, cryptocurrency, and other decentralized technologies
- Lead internal and external security assessments of blockchain technologies.
- Participate in risk assessment, threat modeling, and other security exercises.
- Design, build, and implement security solutions to support open-source blockchain projects.
- Manage or train other engineers both internal to Protochain, as well as within the crypto community, to help projects scale safely.
- Contribute to our security bug bounty programs, helping validate and fix reported vulnerabilities.
- Advise both closed and open source projects to improve their security posture.
- Develop security automation tooling for SAST, DAST, and CI/CD frameworks.
- Manage fast-moving priorities and help shape product security strategy.
- Collaborate with community members via channels such as Slack, Discord, and Telegram.
- Write clear and concise documentation to support a security-focused SDLC.
- Other duties as assigned or needed.
Skills You’ll Need:
- Experience with or willingness to learn Smart Contract Auditing (Solidity or other smart contract languages)
- Familiarity with Web3, DeFi protocols, Cryptocurrency, EVM, DAOs, and NFTs
- Strong interest in securing logic and applications that will accelerate the adoption of the decentralized future
- Experience with reverse engineering complex systems.
- Knowledge and application of secrets management, data encryption, key management, PKI, distributed ledgers and tokenization
- Experienced in architecting, or contributing to, mid-to-large scale software projects
- Experience with securing cloud environments and container platforms
- Experience with leading penetration tests, red team exercises, bug bounty programs, or CTFs
- Excited by the prospect of working in a fast-paced and lean organization with evolving focuses and priorities