CertiK Logo

CertiK

Sr. Security Engineer (Penetration Testing)

Reposted 18 Days Ago
Remote
2 Locations
100K-180K Annually
Mid level
Remote
2 Locations
100K-180K Annually
Mid level
The Sr. Security Engineer is responsible for security assessments, penetration testing, source code reviews, and enhancing application security, particularly in the blockchain space.
The summary above was generated by AI

Why Us?

CertiK is a pioneer in blockchain security, leveraging best-in-class AI technology to protect and monitor blockchain protocols and smart contracts. Founded in 2018 by professors from Yale University and Columbia University, CertiK’s mission is to secure the web3 world. CertiK applies cutting-edge innovations from academia to enterprise, enabling mission-critical applications to scale with safety and correctness.


About the Role

The primary responsibility of this role is for CertiK’s security-related services. Intersecting cybersecurity and blockchain, CertiK’s security offerings include security consulting, security reviews, security auditing of smart contracts and blockchains, verification of smart contracts, penetration testing, and more. We are looking to hire someone with a passion for application security and penetration testing. This is a fun and challenging full-time position. If you are excited about hacking, threat modeling, scanning, auditing, designing, and enhancing the security of applications across the board then you will thrive in this role. While you work with clients, we will also provide you with plenty of opportunities to get involved with research and development efforts to help us raise the standards of blockchain security.

Responsibilities

  • Perform security assessments on web, mobile, thick client applications, and browser extensions
  • Conduct external and internal network penetration tests
  • Perform security source code reviews
  • Perform cloud security reviews
  • Develop comprehensive pentest reports for both technical and non-technical audiences
  • Research and develop innovative techniques, tools, and methodologies for pentesting applications in the blockchain space 
  • Contribute to the community by developing tools, presentations, and blog posts

Requirements

  • Passionate about cryptocurrency, DeFi, and blockchain, with a willingness to learn Web3 technologies such as smart contracts
  • Minimum of 4 years of experience in application security and penetration testing
  • Experienced in source code review for different languages, with a strong understanding of JavaScript and TypeScript
  • Experienced in mobile application penetration testing
  • Familiar with cloud platforms and their security risks, such as AWS, Azure, and GCP
  • Experience in programming with scripting languages such as Python and Bash
  • Solid understanding of cryptography
  • BS/MS/PhD in Computer Science or Information Security 
  • Strong spoken and written communication skills

Bonus Points

  • Experienced in pentesting Web3 applications such as crypto exchanges, wallets, Dapps, and key custodian solutions 
  • Experienced in smart contract security audits
  • Familiar with browser extension architecture and security risks
  • Actively participate in the blockchain security community
  • OSCP, OSWE, OSCE, GWAPT, or comparable certification
  • Participated in bug bounty programs and audit contests
  • Published security-related blog posts and spoken at security conferences and/or local meetups

About the Company

One of the fastest-growing and most trusted companies in blockchain security, CertiK is a true market leader. To date, CertiK has worked with over 3,200 Enterprise clients, secured over $310 billion worth of digital assets, and has detected over 60,000 vulnerabilities in blockchain code. Our clients include leading projects such as Aave, Polygon, Binance Smart Chain, Terra, Yearn, and Chiliz.


Investors = Insight Partners, Sequoia, Tiger Global, Coatue Management, Lightspeed, Advent International, SoftBank, Hillhouse Capital, Goldman Sachs, Coinbase Ventures, Binance, Shunwei Capital, IDG Capital, Wing, Legend Star, Danhua Capital and other investors.


Compensation

Target annual base salary for this role performed in the US is $100,000 - $180,000. The exact compensation at which this job is filled will be determined by the skills and experience of qualified candidates.


#LI-Remote

#blockchain

#startups

#hiring



CertiK accepts applications for this position on an ongoing basis.

 

CertiK is proud to offer medical, vision, and dental insurance, 401(k) plan with company matching, life and accidental death and dismemberment insurance, HSA (with high deductible plan), FSA, and other benefits to all full-time employees, along with flexible paid time off and holidays. CertiK also offers a variable commission program for business development sales roles.

 

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

 

CertiK is proud to be an equal opportunity employer. We will not discriminate against any applicant or employee on the basis of age, race, color, creed, religion, sex, sexual orientation, gender, gender identity or expression, medical condition, national origin, ancestry, citizenship, marital status or civil partnership/union status, physical or mental disability, pregnancy, childbirth, genetic information, military and veteran status, or any other basis prohibited by applicable federal, state or local law.

 

CertiK will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements.

https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf

 

All CertiK employees are expected to actively support diversity on their teams, and in the Company.

Top Skills

AWS
Azure
Bash
GCP
JavaScript
Python
Typescript

Similar Jobs

Yesterday
Remote
Hybrid
United States
Mid level
Mid level
Artificial Intelligence • Cloud • Information Technology • Sales • Security • Software • Cybersecurity
The Product Security Consultant opens and manages security product deployments, advises on best practices, and automates solutions for customers. Responsibilities include documentation, scripting, and providing pre-sales support.
Top Skills: AWSGoogle Cloud PlatformGrcIdsIpsAzurePowershellPythonSIEMSQL
Yesterday
Easy Apply
Remote
2 Locations
Easy Apply
157K-217K Annually
Senior level
157K-217K Annually
Senior level
Artificial Intelligence • Fintech • Machine Learning • Social Impact • Software
As a Senior Offensive Security Engineer, you'll build and lead the Offensive Security program, test Upstart's controls, and collaborate with various security teams.
Top Skills: AWSCi/CdEksKubernetesmacOSOktaPython
Yesterday
Remote
USA
110K-180K Annually
Senior level
110K-180K Annually
Senior level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
The Sr. Cloud Red Team Engineer emulates threat actors in cloud environments, assesses security, and enhances CrowdStrike's Falcon security capabilities.
Top Skills: .NetAWSC/C++GdbGhidraGoIdaRustWindbg

What you need to know about the Boston Tech Scene

Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.

Key Facts About Boston Tech

  • Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
  • Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
  • Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
  • Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account