custom tools like Slither, Echidna, and Manticore, which were among the first blockchain security tools that could be used in practice, on real code. Even today, few mature security tools exist in the blockchain space. We provide our engineers with ample opportunity to build and experiment with new tools between project engagements. Join us to make a career-defining contribution.
You will be at the forefront of blockchain security research. You will review smart contracts, blockchain infrastructure code, and decentralized applications for security vulnerabilities, using both manual static analysis and our tool suite.
In the time between your engagements, you will help improve our existing tooling and create new tools and analytics. Other practitioners at Trail of Bits and within the industry will come to rely on your work, and you will make a name for yourself in a nascent discipline.
The base salary range for this role is $170,000-$350,000 DOE.
- Work directly with the leading teams in the blockchain industry to review their code and help secure their products.
- Design and implement solutions for difficult engineering and research problems.
- Collaborate with teammates to maintain and continually improve our existing blockchain security tools using modern software engineering practices.
- Develop new blockchain security tools.
- 2+ years of experience in pure blockchain engineering and one year of experience in Solidity security analysis.
- Solid understanding of the Ethereum Virtual Machine and Yellow Paper.
- Fluency in Solidity development and the deployment of smart contracts.
- High-level understanding of common cryptographic vulnerabilities.
- Experience in library and API design.
- Strong debugging skills and/or experience in reverse engineering.
- Multiple years of prior experience in traditional cybersecurity (before transitioning to the blockchain space).
- Proficiency in Linux and Git.
- Great written and verbal communication skills. We highly encourage all engineers to engage in regular face time with customers, to write company blog posts about their accomplishments, and to deliver presentations to the technical community.