Senior Blockchain Security Engineer
San Francisco, California
Engineering /
Full Time /
Remote
About Us:
Analog is building a true Layer-0 blockchain network that ushers in the omnichain future, secured with the Proof-of-Time consensus mechanism.
Backed by world-class investors, our vision is to facilitate the seamless communication of time data (events) between decentralized applications across different chains.
We are a non-hierarchical team seeking a highly experienced Blockchain Security Engineer who possesses expertise in auditing and securing blockchain infrastructure. In this role, you will be responsible for single-handedly conducting comprehensive security assessments, identifying vulnerabilities and implementing robust security measures to safeguard our blockchain infrastructure, You will play a crucial role in ensuring the integrity, confidentiality, and availability of our blockchain systems, both pre and post deployment.
About the Role
- Security Auditing: Conduct thorough security assessments of the blockchain infrastructure, including nodes, networks, smart contracts, and associated components. Identify vulnerabilities, weaknesses, and potential attack vectors through comprehensive audits and penetration testing.
- Vulnerability Analysis: Analyse security reports, threat intelligence, and industry best practices to identify potential risks and vulnerabilities specific to the blockchain environment. Stay updated with the latest security trends and emerging threats in the blockchain space.
- Vulnerability Analysis: Analyse security reports, threat intelligence, and industry best practices to identify potential risks and vulnerabilities specific to the blockchain environment. Stay updated with the latest security trends and emerging threats in the blockchain space.
- Security Architecture Design: Collaborate with the development and infrastructure teams to design and implement secure architecture for the blockchain infrastructure. Provide guidance and recommendations on secure deployment practices, cryptography, access controls, and data protection.
- Secure Deployment: Ensure secure deployment practices are followed during the setup and configuration of blockchain infrastructure. Implement secure access controls, encryption mechanisms, and authentication protocols to protect sensitive data and prevent unauthorised access.
- Smart Contract Security: Conduct comprehensive audits of smart contracts to identify potential vulnerabilities, such as code bugs, logic flaws, and security loopholes. Perform code reviews, vulnerability assessments, and penetration testing to ensure the robustness and security of smart contracts.
- Incident Response and Forensics: Develop incident response plans and procedures to effectively respond to security incidents and breaches in the blockchain infrastructure. Conduct forensic investigations to identify the root causes of security incidents, document findings, and implement corrective actions.
- Security Monitoring: Implement and maintain robust monitoring systems to detect and respond to security threats in real-time. Utilise security information and event management (SIEM) tools, intrusion detection systems (IDS), and other security monitoring solutions to ensure continuous surveillance of the blockchain infrastructure.
- Compliance and Standards: Ensure compliance with relevant security standards, regulations, and industry best practices in the blockchain space. Stay updated with evolving regulatory requirements and implement necessary security controls to meet compliance obligations.
- Security Awareness and Training: Conduct security awareness sessions and trainings for the development team, operations staff, and other stakeholders involved in blockchain initiatives. Promote a culture of security awareness and provide guidance on secure coding practices, secure deployment, and incident reporting.
- Documentation and Reporting: Maintain detailed documentation of security configurations, vulnerabilities, risk assessments, and remediation actions taken. Generate regular reports and communicate security status, findings, and recommendations to relevant stakeholders.
About You
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- Proven experience as a Blockchain Security Engineer, specialising in auditing and securing blockchain infrastructure.
- Deep understanding of blockchain technologies, protocols, and frameworks (e.g., Ethereum, Hyperledger Fabric, Corda) and associated security challenges.
- Experience conducting security assessments, vulnerability scanning, penetration testing, and code reviews in blockchain environments.
- Proficiency in smart contract security auditing tools and techniques, such as static analysis and fuzzing.
- Strong knowledge of cryptographic principles, encryption algorithms, and secure key management.
- Familiarity with security frameworks and standards specific to blockchain, such as OWASP Top 10 for Blockchain, NIST SP 800-207, and ISO/IEC 27001.
- Experience with security monitoring tools, SIEM solutions, and intrusion detection systems for blockchain infrastructure.
- In-depth knowledge of secure deployment practices, secure coding principles, and secure software development lifecycle (SDLC) methodologies within the context of blockchain.
- Solid understanding of secure deployment practices, secure coding principles, and secure software development lifecycle (SDLC) methodologies.
- Understanding of incident response and forensic investigation procedures in the context of blockchain security incidents.
- Experience with compliance and regulatory requirements specific to blockchain security, such as data privacy regulations and industry-specific standards.
- Relevant certifications in blockchain security or information security (e.g., Certified Blockchain Security Professional, Certified Information Systems Security Professional) would be a plus.
- Familiarity with substrate/Polkadot and cross chain messaging like(XCM, IBC) is a plus.
Benefits
- Highly competitive salary and token compensation with huge growth potential
- Be a founding engineer of one of the most innovative protocols to exist in blockchain
- Supercharge your career in Web3 - the future of the internet
- Work closely with team members who have a wide breadth of experience from some of the leading tech companies in the world
- Flexible working hours and working environment
Analog fosters an inclusive work environment that doesn’t tolerate unjust discrimination against race, religion, gender, disability, age or other qualities. We encourage anyone from around the world to apply as long as they meet the job requirements!