Job Description:
• Review smart contracts, off-chain components, and blockchain infrastructure for security vulnerabilities using manual analysis and automated tools.
• Provide strategic advice to customers to build more robust software and improve project maturity.
• Collaborate with senior engineers and client teams on code review and security assessments.
• Work with existing blockchain security tools (e.g., Slither, Echidna, Medusa) and contribute to tool integration and custom rule development.
• Design and implement solutions for security vulnerabilities in smart contracts, consensus mechanisms, and cross-chain validations.
• Conduct research and development on L1/L2 networks, rollups, bridges, and consensus protocols to stay current with threats.
• Learn and experiment with new tools between project engagements and contribute to the broader security community.
Requirements:
• Experience with Solidity security and understanding of the Ethereum Virtual Machine (EVM).
• Familiarity with common smart contract vulnerabilities, reentrancy attacks, and DeFi security patterns.
• Knowledge of other ecosystems such as Move, Solana, Cosmos, and TON is a plus.
• Proficiency in at least one systems programming language (Go, Rust, C++, or similar).
• Understanding of blockchain development frameworks.
• Experience with blockchain node operations, RPC interfaces, or consensus protocol implementations.
• Understanding of Layer 1 and Layer 2 architectures, rollups (optimistic and ZK), state channels, or sidechains.
• Basic familiarity with consensus mechanisms such as Proof of Stake, PBFT, or Tendermint, and with finality concepts.
• Interest in reviewing blockchain infrastructure, including validator nodes, bridge contracts, oracle integrations, or cross-chain communication protocols.
• Understanding of deployment security and incident response integration.
• Experience with security analysis, vulnerability assessment, or penetration testing.
• Familiarity with automated security tools, fuzzing techniques, or static analysis methodologies applied to blockchain systems.
• Trail of Bits participates in E-Verify (US federal employment eligibility verification).
Benefits:
• Competitive salary complemented by performance-based bonuses.
• Fully company-paid insurance packages, including health, dental, vision, disability, and life.
• A solid 401(k) plan with a 5% match of your base salary.
• 20 days of paid vacation with flexibility for more, adhering to jurisdictional regulations.
• 4 months of parental leave.
• $10,000 in relocation assistance to support a move to NYC (if interested).
• $1,000 Working-from-Home stipend to create a comfortable home office.
• Annual $750 Learning & Development stipend.
• Company-sponsored all-team celebrations, including travel and accommodation.
• Philanthropic contribution matching up to $2,000 annually.
Apply Now