Celestia is the first modular blockchain network. By decoupling consensus from execution, Celestia enables anyone to easily deploy their own blockchain, without the overhead of bootstrapping a new consensus network. Blockchains on Celestia are free from constraints, making them scalable, sovereign, and secure.
About the Team
Celestia Labs is remote first and highly distributed, with English as our primary language for communication. We are looking for self-starters that are excited about working in a fast paced startup environment. We do not require employees to live in specific timezones, but much of the team lives and works in the European and US timezones. As such, employees are expected to be available as needed for team and company events that are scheduled. Generally these are scheduled between 12pm-5pm UTC.
Celestia Labs is seeking a remote full-time security engineer to build and maintain comprehensive security policies. In this role you will audit and review code as well as define and maintain an incident response processes and bug bounty programs across the whole Celestia software stack. A key responsibility of the security engineer will be to ensure the security and integrity of the network in order to prevent security issues, while also ensuring appropriate response to any incidents that may occur.
- Flexible and remote work environment
- Competitive salary and meaningful long-term compensation package
- Stipends for home office and coworking space
- Full-team onsites twice per year and smaller-team onsites more frequently
- Budget for conference attendance and professional development
- 4 weeks annual vacation
Who You Are
- You are a security engineer with at least 2+ years of experience
- You have a passion for thoroughly reviewing code written in Go, Rust, or other systems languages as well as examining technical documentation with a focus on security.
- Either experience with Blockchain or distributed systems security.
- Strong problem-solving and communication skills
- Experience with open source software development practices and tools
- You are self-driven and able to work independently as well as part of a team
- Audit and understand critical code paths in the existing implementation as well as review pull requests from a security perspective.
- Define and maintain security policies, infrastructure such as incident response policies, and bug bounty programs across all Celestia software repositories to react appropriately on incidents and to prevent security issues in the first place.
- Triage security-relevant issues in coordination with the team and coordinate between external auditors, bug bounty reports, and the engineering team
- Collaborate with the engineering team to design and implement secure software development practices
- Analyze threats, vulnerabilities, and incidents, and implement appropriate remediation measures in coordination with the team
Nice To Haves
- Solid experience with blockchain technology and knowledge about modular blockchain networks
- A strong understanding of cryptography, network security, and application security
- Experience with libp2p, IPFS or comparable technologies
- Experience with the Cosmos-SDK modules and applications or comparable frameworks
- Understanding of Tendermint or other consensus engines
- Experience with leading small remote-first teams
While experience in the blockchain space is preferred – having general excitement about web3 and modular blockchain technology is a must!