Security Engineer

New York, NY or Remote /
Engineering /
At Hiro, we’re making it easier for developers to build the next generation of smart contracts and decentralized apps. We build developer tools for Stacks, an open-source network which makes Bitcoin programmable. With Hiro, developers can test and deploy smart contracts, spin up nodes and other server-side resources for scaling, and get access to monitoring and analytics. Our solutions provide developers with the convenience and reliability they need to be successful.

We’re very proud to say that Hiro won 3 Built In’s Best places to work awards! We received Best Places to Work NYC, Best Places to Work Small Companies, and Best Paying Companies NYC!

Hiro is funded and backed by more than $75 million from Union Square Ventures, Y Combinator, Lux Capital, Winklevoss Capital, Naval Ravikant, and others.

About the Opportunity

Hiro is looking for a passionate and collaborative Security Engineer to help with the build and evolution of Hyperchains - our Layer-2 solution for Stacks Blockchain that enables high throughput and low latency. You'll collaborate with a team and work independently to architect and deliver feature upgrades and improvements. In this role, you will build critical features for our developer community. You must be comfortable working in diverse development ecosystems and have worked independently in a rapidly scaling startup. OSS experience is preferred as we are an open source project.

What You’ll Do:

    • Contribute to the development, maintenance, and testing of the Hyperchains and Stacks blockchain.
    • Hyperchains is under active development and our initial version is active on Testnet. As part of your role, you will be tasked with performing security assessments and threat modeling of assets, including Hyperchains our Layer-2 solution for Stacks blockchain.
    • Partner with software engineering teams to advise on code and architecture for internal integrations, including node software, wallet systems, and key management frameworks.
    • Contribute code to hyperchains monitoring to detect abnormal or malicious behavior (51% attacks, dangerous smart contract calls, validator misbehavior, and more).
    • Lead code reviews and security reviews of systems that interact with Hyperchains
    • Research and investigate upgraded, advanced crypto algorithms such as zero-knowledge proofs and bleeding-edge blockchain protocols.
    • Share details with our community about any vulnerabilities, incident investigations, unique integration risks, and related issues.
    • Utilize advanced cryptographic algorithms and concepts to evolve the next iteration of Hyperchains
    • Implement rigorous and thorough monitoring and testing practices to meet the security and performance requirements
    • Design and implement blockchain supporting tools and utilities(e.g., CLI client, tools for exploring the blockchain, monitoring, benchmarking or debugging tools)
    • Collaborate with other teams on new product features that have a dependency on the Hyperchains and Stacks blockchain(e.g. developer tooling, UX tooling, 3rd party integrations etc)

What We’re Looking For:

    • Bachelor’s/Master’s Degree in Computer Science, CyberSecurity, or related field or equivalent practical experience.
    • 5+ years security engineering experience
    • Background in security engineering
    • Expertise in Rust
    • Past experience securing Blockchain solutions
    • Previous work in a high security product(s)
    • Hands on experience in security and auditing in a production environment with one or more of: public blockchains; consensus protocols; large-scale distributed systems; high availability, and real-time systems; applied cryptography; compilers; any other equivalent / adjacent technology
    • Experience in research & development
    • Experience working on and designing tests for long-running projects
    • Rust, Cryptography experience and its application to distributed ledger tech
    • Prior experience with Blockchain necessary
    • Experience testing distributed systems for behaviors in the presence of faults, network partitions, and network delays
    • Working knowledge of the limitations and complexities involved in peer-to-peer systems
    • Working knowledge of programming language interpreters, compilers, and static analysis
    • Experience building highly secure software and shipping new products
    • Strong debugging skills and/or experience in reverse engineering

We’d Also Like to See:

    • PhD in Computer Science, CyberSecurity, a related technical field, or equivalent practical experience.
    • Experience in research and development , building blockchain/distributed systems
    • Experience with designing, implementing, and benchmarking highly performant programs.
    • Experience working on a large, complex, distributed system such as a distributed database, cluster controllers, etc.
    • Experience working on open-source projects
    • Experience collaborating on a distributed team
    • Experience with Layer2 solutions, rollups, zkp
    • Knowledge of api security, cloud architecture and platform security principles

    • We’d love to hear from you even if you don’t have experience or interest in every bullet. There’s no perfect candidate and we want to find the right fit, even if it’s different than we imagine. We especially would like to meet underrepresented/underestimated candidates.

What we’ll offer:

    • Competitive NYC based Salary(regardless of location, benchmarked annually)
    • Company equity and Stacks (STX) tokens--STX is the native cryptocurrency of the Stacks network
    • $500/mo co-working space reimbursement
    • $1,200/yr budget for learning and development stipend
    • $1000/yr of charity donation matching to an organization of your choosing
    • Daily Lunch Reimbursement(even if you’re remote!)
    • Open Vacation Policy, take the days you need
    • Family-Friendly Health Benefits
    • Free Life and Disability Insurance
    • Health and dependent care(FSA)
    • Up to 16 weeks of paid parental leave
    • Pre-tax commuter benefits
    • 401k with 3% match
    • Your choice of technical setup and equipment

    • Please note that benefits vary by country, the ones shown above are for our full time U.S. based employees. Benefits information for non-US based positions will be provided to individuals who interview for those roles.
About Us
Hiro is the leading developer tools company for Stacks, the open-source network which makes Bitcoin programmable. Our mission is to accelerate mainstream adoption of blockchain technology and build a better, user-owned internet for all. Hiro was founded in 2013 under the name Blockstack PBC and is headquartered in New York City with employees and contractors distributed across the globe. Hiro is funded and backed by more than $75 million from Union Square Ventures, Y Combinator, Lux Capital, Winklevoss Capital, Naval Ravikant, and many more. Visit our website to learn more.

Hiro is proud to be an equal opportunity employer and deeply cares about building a diverse team. Hiro is committed to building an inclusive environment for people of all backgrounds. We do not discriminate on the basis of race, color, gender, sexual orientation, gender identity or expression, religion, disability, national origin, protected veteran status, age, or any other status protected by law.