Security Engineer: Solana C/Rust

Asymmetric Research:

Asymmetric Research ("AR") is a boutique security venture focused on deep partnerships with L1/L2 blockchains and DeFi protocols in an effort to keep them safe. We specialize in four core domains of web3 security; research, engineering, incident response, and infrastructure services.

Culture:

AR is a fully remote organization and members of our team have been strongly committed to open-source values for decades, having worked at organizations with deep open-source roots and strong security programs including Google, Netflix, Mozilla, Stripe, and Jump Crypto. We pride ourselves on maintaining the highest levels of confidentiality, trust, and professionalism.

Responsibilities:

• Design and implement security and defense-in-depth controls to prevent and limit vulnerabilities.

• Perform cutting edge security research in Solana and Rust-based blockchains.

• Develop security tooling and developer workflows to aid in the early detection of vulnerabilities.

• Collaborate with core contributors to conduct internal security audits.

• Shepherd external security audits with the help of leading third-party audit firms.

• Operate bug bounty programs on Immunefi.

• Work in a diverse decentralized team environment with web3 professionals.

• Clearly communicate security risks and solutions.

• Adhere to the highest standards of integrity, trust, and professionalism.

Requirements:

• Strong desire to understand how things work, and the ability to quickly absorb new information.

• Familiarity with at least one or more Rust-based smart contract platforms, including (non-exhaustive) Solana, Cosmwasm, NEAR (strong preference to pre-existing Solana experience).

• Proven experience as a consultant, engineer, bug bounty hunter or auditor.

• Prior experience working with open source development practices.

• Willingness and aptitude to learn multiple C and Rust-based runtimes.

• Understanding of blockchain infrastructure technologies, such as bridging or oracles.

• Prior experience with code reviews.

• Prior experience with reverse engineering, binary exploitation, and/or fuzzing.

• Prior leaderboard ranking on bug bounty, code audit contest, or CTF competitions.

Benefits:

• 25-days paid vacation

• Competitive Base Salary

• Lucrative Bonus Programs

• Premium Healthcare

• Generous office, equipment, education, and health/wellness stipends

• Pension / 401K programs

• Life Insurance