Smart Contract Auditors

CryptoSec is focused on facilitating and protecting the decentralized, programmable future of everything by helping clients manage cybersecurity, privacy, regulatory, financial crime and operational risks.

As a Smart Contract Auditor, you review the security of smart contracts and protocols within the DeFi ecosystem, primarily Solidity-based systems. You identify vulnerabilities, design and architectural flaws, and work with developers and stakeholders to mitigate and fix issues.

What you'll do

• Review security of various smart contracts and protocols within the DeFi ecosystem, primarily Solidity contracts
• Identify vulnerabilities, design and architectural flaws, quality improvements, and ways to mitigate future risk
• Write clear and concise reports and action steps for developers to quickly mitigate and fix any issues discovered
• Interact with developers and key stakeholders when identifying and handling security issues

What you bring

• Demonstrated expertise with Solidity, EVM, and blockchain
• Experience developing and building on DeFi protocols and smart contracts
• Proven experience writing smart contracts and familiarity with Solidity libraries
• Good understanding of the Ethereum blockchain and dApp architecture
• Understanding of Layer 2 solutions and cross-chain bridge technologies
• Experience with compiler, parser, and assembler of smart contract bytecode
• Knowledge of static analysis and dynamic analysis of bytecode and source code
• Experience auditing smart contracts and assessing smart contract security risks
• Knowledge of best practices for smart contract development
• Experience discovering vulnerabilities at design and system level
• Knowledge of smart contract vulnerabilities and hands-on experience exploiting them
• Solid understanding of relevant common vulnerability classes and hands-on experience exploiting these vulnerabilities
• Knowledge of various security analysis tools for smart contracts and hands-on experience setting up and using them
• A focus on improving real-world security, not compliance
• Proactive problem-solving ability
• Strong communication and collaboration skills
• A strong sense of ownership
• Proficient English communication, both written and spoken

Nice to have

• Fuzzing and formal verification experience

What we offer

• Fully remote work available globally
• Flexible location options including Dubai, Hong Kong, London, New York, Singapore, Vancouver, and Zug

About CryptoSec

CryptoSec is a fully remote, collaborative firm helping clients manage cybersecurity, privacy, regulatory, financial crime and operational risks in the decentralized ecosystem.