Seeking Blockchain Security Engineers

Mehdi Zerouali | Updated on Wed 08 July 2020 Estimated read time: 3 min

Sigma Prime is hiring a security engineer to expand its security assessment practice. If you're into blockchain security, penetration testing, smart contract security reviews, and/or fuzzing code, this could be the perfect job for you!

The Company

Sigma Prime is an information security consultancy who provides specialist distributed systems expertise. We are a team of developers, researchers, and security engineers who have come together with the purpose of building a secure and decentralised world.

Ethereum has been a focus of ours since 2015 and we have provided security reviews, design consultancy, and niche development services to prominent companies in the space, both locally and internationally.

Our latest project, Lighthouse, is an Ethereum 2.0 client built using Rust. While the software is still in the pre-alpha development phase, the project is already well established. The open-source repository can be found at github.com/sigp/lighthouse. We are honoured to have received grants from the Ethereum Foundation, Vitalik Buterin and ConsenSys for this initiative.

Our information security practice provides the following services:

  • Blockchain security assessments
  • Penetration testing
  • Smart contract security reviews
  • Infrastructure security assessments
  • Social engineering & red team exercises
  • Fuzz testing

The Role

We are looking to expand our core security team by hiring a blockchain security engineer who shares our passion for information security and decentralised systems, and our insatiable curiosity of how things work (and break).

You may fit the role if you have:

  • A keen interest in information security
  • A methodical approach to compromising distributed systems
  • A practical knowledge of automated security analysis tools
  • Experience with manual source code reviews of large code bases, focussing on security issues
  • Reverse engineering or malware analysis experience
  • A working knowledge of advanced network protocols and infrastructure operations
  • Experience in assessing consensus mechanisms
  • A practical experience in fuzz testing (libfuzzer, HonggFuzz, AFL, etc.)
  • Experience with more than one scripting language (e.g. Python, JavaScript, Perl, etc.)
  • A passion for Ethereum, proof-of-stake blockchains, and/or decentralised systems

This role is for a security engineer whose primary objectives will be to:

  • Perform (offensive) security assessments (blockchain protocols, penetration testing of web/mobile/decentralised applications, cloud infrastructure security reviews, etc.)
  • Contribute to Lighthouse by extending the current fuzzing capability
  • Work on the development and maintainance of a differential fuzzer for Ethereum 2.0

The ideal candidate would be a seasoned security assessor and an Ethereum enthusiast with experience in decentralised system security (e.g. smart contract auditing), who is looking to help secure software at the core of the leading projects in the blockchain ecosystem.

Locations

The candidate is free to choose between being remote or local in Sydney. While Sigma Prime is primarily based in NSW, Australia, remote work is an essential part of our company culture. Those who work remotely still form an integral part of the team.

Sigma Prime can also help the right candidate relocate to Sydney, where our office is, if desired.

Apply

If you're interested, please answer a few questions on this form.

Whilst Google Forms makes managing applications easier for us, we understand if you'd prefer not to use it. In such a case, feel free to send your application via email to careers@sigmaprime.io.