Security Software Engineer – Blockchain / Web3 – APAC

Shardeum Foundation

APAC. Remote

About The Role:

The Security Engineering team at Shardeum is responsible for delivering the Shardeum Mainnet safely and securely, and furthering the development of the smart contract platform, the consensus layer and the protocol layer
We focus on building scalable, performant, secure and reliable software that can be downloaded by thousands of node operators to actualize the Shardeum network

We are in search of highly talented, innovative individuals to join our team
If you enjoy solving complex computer science problems, are passionate about what you work on, are a perfectionist who wants to build things the right way – the secure way – and are persistent about finishing what you started, then you’re the kind of person we are looking for
You will be working with equally talented and innovative individuals with the goal of building incredible software with the potential to change the world

What You’ll Be Doing:

  • Perform proactive assessments covering infrastructure, secure and resilient architecture, data security (including privacy), identity and access management, application and product security
    • Be proactive in identifying potential security flaws in code, designs, and processes, and develop strategies and tactics to resolve and mitigate exposed issues
    • NodeJS and TypeScript Code Audit: Conduct security audits on code, discover and address potential security vulnerabilities
  • Aid in planning organizational security priorities
  • Evaluate application architectures for security related concerns, and consult on mitigation options
  • Develop on-chain security strategies and perform security assessments and threat modeling of various blockchain protocols and smart contracts
  • Develop security-related activities in the software engineering process (, threat modeling, secure coding practices)
  • Design and develop detection capabilities to detect known/unknown hacks in Web3
  • Triage vulnerability reports, work with engineering team to develop fixes
    • Prioritize and drive the reduction of discovered security issues, vulnerabilities, and risks
  • Development and/or use of Security-Related Tools
    • NodeJS and TypeScript Code Analysis: Develop and/or use analysis tools for automatic detection of potential security vulnerabilities
    • On-chain Incidents Monitoring: Develop and maintain strategies for detecting on-chain attacks, enabling real-time observation and reporting of potential security events

What We’re Looking For:

  • BS/MS in Computer Science or related fields with security research experience
  • Experience performing security architecture and design reviews
  • Application Fuzzing and auditing experience
  • Experience with Web3 security research a plus
  • Good communication skills
  • Knowledge of common vulnerabilities in different types of software and programming languages, including:
  • How to test for/exploit them
  • Real world mitigations that can be applied
  • Familiarity with vulnerability classification frameworks (, OWASP Top 10)
  • Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited

We’d Love If You Have:

  • Experience with concurrency, parallelism and distributed systems
  • Familiarity with the / open source reposย 
  • Experience with consensus protocols and other blockchains
  • Experience with Node
    js and TypeScript, or languages like C, C++, Rust or Go
  • Experience writing a smart contract on a blockchain
  • Experience running a node in a blockchain network
  • Knowledge of cryptography
  • Experience with networks and operating systems
  • Graduated with high academic scores or with honors
  • Won or placed in a hackathon(s)
  • Ranked highly on competitive coding sites
  • Contributed to open source projects
  • Written articles or created videos on technical topics, especially related to blockchain
  • Read the Bitcoin and Ethereum whitepapers
  • Done something extraordinary

Hereโ€™s What Our Interview Process Looks Like:

Depending on calendar availability, from the first stage to the final stage, we do our best to keep the entire process to under two weeks
Our interviews take place via video calls and typically consists of the following stages:

  • Internal Recruiter Call (30 to 45 minutes)
  • Meet with the Hiring Manager (1 hour)
  • Technical Tests (1-3 x 1-2 hours)ย 
  • Culture & Values Interview (1 hour)

Listed in: , , , , , , , , , , , , , , , , , ,