Auditing Engineer II (Full Time, Anywhere)

As a smart contract auditor, you will be at the forefront of Web3, using a hacker mindset to identify vulnerabilities in target contracts of mainstream projects, from token contracts to full-fledged DeFi protocols. Come and join us in our mission of securing the blockchain!

This position is for candidates who already have some understanding of how Ethereum works, know how to code smart contracts, and are aware of the main security caveats and how to identify them. To succeed as an Auditing Engineer II, you must demonstrate the ability to read and write code, have an understanding of common security vulnerabilities in DApps, and analyze architectural trade-offs.

This job is fully remote - work from anywhere in the world!

Candidate Profile

• Background in Computer Science or any related field such as Mathematics or Physics.
• Loves to find bugs in software systems and has a great eye for detail.
• Fluent in English communication, both written and spoken.
• Fluent in reading medium complexity (at least 1 KLOC) Solidity smart contracts.
• Hands-on experience with static analysis tools.
• Understand the most common security pitfalls with Solidity smart contracts, including economic exploits.
• Understand how Ethereum works.

Nice to Have

• Hands-on experience with blockchain projects.
• Reading fluency in Rust.
• Hands-on experience with fuzzing tools.
• Pentesting skills and knowledge of traditional Web2 security.
• Partial availability (2-6h) during EST work hours to allow for communication with the team.

Responsibilities

• Perform code reviews/audits of blockchain projects in small teams of engineers.
• Interact with other team members to discuss the likelihood and impact of findings.
• Write and review audit reports before they are shared with the customer.
• Interact with customers to clarify technical requirements and answer technical questions.

Optional Opportunities

• Perform research on a new topic in the crypto space and provide internal "Lunch and Learn" (LnL) sessions. There is an option to also record and publish LnLs on YouTube or other social media platforms.
• Work on internal research projects, building PoCs, forking and changing open-source tools, running experiments, etc.

Quantstamp has protected billions in digital assets from hackers on our mission to secure web3. As a global team of security professionals, we have honed our technology and expertise through hundreds of audits and gained the trust of our clients to keep their innovative products safe.

In addition to providing an array of security services, we facilitate the growth and longevity of the web3 space through strategic investments and acting as a trusted advisor to help projects scale. Quantstamp is honored to have worked with some of the top projects in the industry including Aave, Compound, Maker, OpenSea, Polygon and many more.

As the leading blockchain security company in this emerging industry, we are always looking for team members that love taking initiative and solving challenging problems. Join the team and help us secure the future of web3.