Security Engineer: Solana C/Rust

Asymmetric Research:

Asymmetric Research ("AR") is a boutique security venture focused on deep partnerships with L1/L2 blockchains and DeFi protocols in an effort to keep them safe. We specialize in four core domains of web3 security; research, engineering, incident response, and infrastructure services.

Culture:

AR is a fully remote organization and members of our team have been strongly committed to open-source values for decades, having worked at organizations with deep open-source roots and strong security programs including Google, Netflix, Mozilla, Stripe, and Jump Crypto. We pride ourselves on maintaining the highest levels of confidentiality, trust, and professionalism.

Responsibilities:

• Design and implement security and defense-in-depth controls to prevent and limit vulnerabilities.
• Perform cutting edge security research in Solana and Rust-based blockchains.
• Develop security tooling and developer workflows to aid in the early detection of vulnerabilities.
• Collaborate with core contributors to conduct internal security audits.
• Shepherd external security audits with the help of leading third-party audit firms.
• Operate bug bounty programs on Immunefi.
• Work in a diverse decentralized team environment with web3 professionals.
• Clearly communicate security risks and solutions.
• Adhere to the highest standards of integrity, trust, and professionalism.

Requirements:

• Strong desire to understand how things work, and the ability to quickly absorb new information.
• Familiarity with at least one or more Rust-based smart contract platforms, including (non-exhaustive) Solana, Cosmwasm, NEAR (strong preference to pre-existing Solana experience).
• Proven experience as a consultant, engineer, bug bounty hunter or auditor.
• Prior experience working with open source development practices.
• Willingness and aptitude to learn multiple C and Rust-based runtimes.
• Understanding of blockchain infrastructure technologies, such as bridging or oracles.
• Prior experience with code reviews.
• Prior experience with reverse engineering, binary exploitation, and/or fuzzing.
• Prior leaderboard ranking on bug bounty, code audit contest, or CTF competitions.

Benefits:

• 25-Days Paid Vacation

• Competitive Base Salary

• Lucrative Bonus Programs

• Premium Healthcare

• Generous office, equipment, education, and health/wellness stipends
• Pension / 401K programs

• Life Insurance