About RootstockLabs
At RootstockLabs, we believe Bitcoin will underpin humanityâs economic future. But for this to happen, Bitcoinâs functionality must be extended and made available to all. This is why we have been long-standing contributors to Rootstock, the largest and longest-running Bitcoin sidechain. Rootstock allows anyone to develop apps and services on top of the planetâs most secure and decentralised financial infrastructure; Bitcoin.
Today we continue to contribute to Rootstockâs evolution by building tools and technology focused on making Bitcoin work for everyone.
About the Role
RootstockLabs exists to make Bitcoin work for everyone. We do this through giving developers the tools to build on Bitcoin, supporting the growth of the Rootstock ecosystem and expanding the frontiers of decentralised technology.
As we enter our next stage of growth, we are looking for an experienced Smart Contracts Engineer to do vulnerability research in RootstockLabs projects, research attack and defense techniques, and develop innovative tools to help automate detection and response tasks. You will also work in close collaboration with internal development teams and members of the ecosystem to develop new capabilities to improve security of the public p2p network, its users, and the company's infrastructure.
You will work alongside blockchain gurus and smart open-minded âRootiesâ across cross-functional teams, working in web3 and on the cutting edge of technology.
What Youâll be Doing
- Actively participating during the product design phases, analyzing requirements and proposing secure, innovative and alternative solutions
- Performing source code audit and PR security reviews in alignment with organisation needs
- Discovering vulnerabilities, developing PoC and helping with the remediation
- Conducting research on vulnerabilities and attack techniques
- Interacting with internal teams, contributing to the secure design of new products and features
What Youâll Bring to the Table
- 2+ years of work experience reviewing Smart Contracts and 5+ years of work experience as Application Security Engineer or Security Researcher
- Proven experience in performing source code security audits, threat modeling and architectural security reviews (Providing links to public reports or projects demonstrating previous audit work is a must)
- Proficiency in identifying and remedying common security vulnerabilities in code
- Knowledge of various attack vectors and methods of exploiting vulnerabilities
- Familiarity with the software development life cycle and ability to integrate security into the process
- Cryptography knowledge
- Knowledge of Blockchain with the ability to explain and work in all the different layers.
- Coding skills in Solidity, Javascript and React
- Experience conducting vulnerability research
- Comprehensive knowledge of application security principles, including threat modeling and risk assessment
- Bi-lingual Spanish & English a plus but not a deal breaker!
What Youâll Get Back!
- Competitive salary
- 100% remote working (contractor) from anywhere in the world
- Possibility to work at your nearest WeWork space
- Flexible working hours. Youâre free to work however you work best
- Opportunity to work with state of art technology in a challenging and unique project
- Internationally diverse and dynamic team with a clear vision and strategy
- Training programs to learn everything about the crypto world
- Weekly scientific moments by our Research & Innovation team to learn about technology, challenges, and solutions in the blockchain world
- Language courses: English, Spanish or Portuguese.
- Employee assistance program offering legal, financial, family, psychological, and wellness counseling for you and your family
RootstockLabs Mission & Purpose
Our purpose: Make Bitcoin work for everyone!
Our mission: give developers the tools to build on Bitcoin, support the growth of the Rootstock ecosystem, and expand the frontiers of decentralised technology.
Please mention the word **EXEMPLARY** and tag RMzguNjguMTM0LjE5NA== when applying to show you read the job post completely (#RMzguNjguMTM0LjE5NA==). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.