Headaer Background Image
Code4rena Logo

Code4rena

Security Engineer

WorldwideFull-Time
Apply Now!

Please mention that you found this position on Remotedom, it helps us grow.

Join us and play a crucial part in scaling and securing Web3 security products.

Description


About Code4rena

Code4rena is the leading smart contract security marketplace. We invented the competitive audit, incentivizing thousands of security researchers on our platform to compete to find more rare, high-severity vulnerabilities than any other model.


Having conducted over 300 audits since launching in 2021, we scale the best security outcomes while broadening and deepening the talent pool, proven by our public data and industry-defining leaderboard. We’re also constantly innovating. This year, we launched Bot Races, incentivizing an AI-enabled labor force, and Profiles, matching projects to top security talent.


We’re a dynamic team backed by Paradigm and are looking for highly ambitious new teammates to join us on our mission to improve smart contract security.


About the Role

We are seeking a dedicated Security Engineer. A Security Engineer at Code4rena will work closely with development teams, product leaders, and third-parties to ensure that the Code4rena application and platform is secure. 


This role encompasses a broad spectrum of security-related responsibilities. You will conduct security assessments, triage vulnerability reports, review design documents, perform security code reviews of pull requests, and help us achieve and maintain compliance with industry standards and our internal security policies. 



You’ll be a competitive contender for this role if you:

  • Understand how to conduct a thorough application security assessment
  • Experience with node.js (JavaScript / TypeScript) and python.
  • Have experience triaging vulnerabilities reported by humans / tooling / scanners
  • Have in-depth knowledge of at least the OWASP top 10 and other common issues
  • Have experience with secure coding practices, code reviews using SAST / DAST
  • Can review source code for vulnerabilities and coordinate with developers and product teams with how to fix the issue.


Bonus points if you:

  • Are capable of building your own tools to automate tasks
  • Have experience with incident response
  • Have experience building and maintaining threat models for applications.
  • Have hands on experience fuzzing an application
  • Have familiarity with DeFi, crypto, and web3


Beware of scams when applying! You should NEVER have to pay for applying for any position. Learn more about scams here.

Remotedom accepts no liability or resposability as consequence on relience upon information on here or external websites.