What You'll Be Doing:

📍Perform proactive assessments covering infrastructure, secure and resilient architecture, data security (including privacy), identity and access management, application and product security 📍Be proactive in identifying potential security flaws in code, designs, and processes, and develop strategies and tactics to resolve and mitigate exposed issues NodeJS and TypeScript Code Audit: Conduct security audits on code, discover and address potential security vulnerabilities 📍Aid in planning organizational security priorities 📍Evaluate application architectures for security related concerns, and consult on mitigation options. 📍Develop on-chain security strategies and perform security assessments and threat modeling of various blockchain protocols and smart contracts 📍Develop security-related activities in the software engineering process (e.g., threat modeling, secure coding practices) 📍Design and develop detection capabilities to detect known/unknown hacks in Web3 📍Triage vulnerability reports, work with engineering team to develop fixes 📍Prioritize and drive the reduction of discovered security issues, vulnerabilities, and risks 📍Development and/or use of Security-Related Tools 📍NodeJS and TypeScript Code Analysis: Develop and/or use analysis tools for automatic detection of potential security vulnerabilities 📍On-chain Incidents Monitoring: Develop and maintain strategies for detecting on-chain attacks, enabling real-time observation and reporting of potential security events

What We're Looking For:

📍BS/MS in Computer Science or related fields with security research experience 📍Experience performing security architecture and design reviews 📍Application Fuzzing and auditing experience 📍Experience with Web3 security research a plus 📍Good communication skills 📍Knowledge of common vulnerabilities in different types of software and programming languages, including: 📍How to test for/exploit them 📍Real world mitigations that can be applied 📍Familiarity with vulnerability classification frameworks (e.g., OWASP Top 10) 📍Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited

We'd Love If You Have:

📍Experience with concurrency, parallelism and distributed systems 📍Familiarity with the Shardeum / Shardus open source repos 📍Experience with consensus protocols and other blockchains 📍Experience with Node.js and TypeScript, or languages like C, C++, Rust or Go 📍Experience writing a smart contract on a blockchain 📍Experience running a node in a blockchain network 📍Knowledge of cryptography 📍Experience with networks and operating systems 📍Graduated with high academic scores or with honors 📍Won or placed in a hackathon(s) 📍Ranked highly on competitive coding sites 📍Contributed to open source projects 📍Written articles or created videos on technical topics, especially related to blockchain 📍Read the Bitcoin and Ethereum whitepapers 📍Done something extraordinary