← All jobs

SecurityMidRemote
As a Smart Contract Auditor at CryptoSec, you review the security of smart contracts and protocols within the DeFi ecosystem, primarily Solidity contracts on Ethereum and Layer 2 solutions. You identify vulnerabilities, design and architectural flaws, and work with developers and stakeholders to mitigate security risks across the decentralized ecosystem.
What you'll do
- Review security of smart contracts and protocols within the DeFi ecosystem, primarily Solidity contracts
- Identify vulnerabilities, design and architectural flaws, quality improvements, and ways to mitigate future risk
- Write clear and concise reports and action steps for developers to quickly mitigate and fix issues discovered
- Interact with developers and key stakeholders when identifying and handling security issues
What you bring
- Demonstrated expertise with Solidity, EVM, and blockchain
- Experience developing and building on DeFi protocols and smart contracts
- Proven experience writing smart contracts and familiarity with Solidity libraries
- A good understanding of the Ethereum blockchain and dApp architecture
- Understanding of Layer 2 solutions and cross-chain bridge technologies
- Experience with compiler, parser, and assembler of smart contract bytecode
- Static analysis and dynamic analysis of bytecode and source code
- Experience auditing smart contracts and assessing smart contract security risks
- Knowledge of best practices for smart contract development
- Experience discovering vulnerabilities at design and system level
- Knowledge of common vulnerability classes and hands-on experience exploiting these vulnerabilities
- Knowledge of various security analysis tools for smart contracts and hands-on experience setting up and using them
- A focus on improving real-world security, not compliance
- Pro-active problem solving skills
- Strong communication and collaboration skills
- A strong sense of ownership
- Proficient English communication, both written and spoken
Nice to have
- Experience with fuzzing and formal verification
What we offer
- Fully remote, with office locations in Zug, London, Vancouver, Singapore, Dubai, Hong Kong, and New York
About CryptoSec
CryptoSec helps clients manage cybersecurity, privacy, regulatory, financial crime, and operational risks in the decentralized ecosystem. The company operates a fully remote, collaborative culture that values curiosity, continuous learning, accountability, and diversity of thought.