Resilience is one of the most important characteristics of decentralised technologies, so in order to safeguard high quality and good practices in Web3 community, we are looking for an outstanding Security Specialist.
Security at the Web3 Foundation
Web3 Foundation accelerates the development and adoption of the decentralized web. We’re providing the framework and setting the standards for an ecosystem so that the most cutting-edge projects can work together, multiplying their benefit to society as a whole.
We’re building the future of identity, privacy, financial markets and commerce through blockchains and other cryptographic technologies. At the core of this work is Polkadot - a platform that enables blockchains of all kinds to interact and communicate with one another. This is an opportunity to work at the forefront of technological development and join in shaping the future of society for the better.
Security is at the heart of decentralised protocols and applications. Extensive reliance on correct implementation and good user practices necessitates that we spend sufficient time on Security in the Web3 ecosystem.
Web3 Foundation aims to ensure that crucial projects and networks are sufficiently reviewed and monitored, as well as any developers and users are aware of best security practices. The Security team will be responsible for the initiatives that allow us to achieve those goals together with our open source community.
We hire at various levels of experience so feel free to apply even if you don’t fulfil all the requirements yet. We are a lean team with a flat organisation. The company is based in Zug, Switzerland, but candidates working remotely in the European timezone will be considered as well.
Adapt security best practices to a decentralised setting
Advise a diverse community of node operators who participate in our peer-to-peer networks, especially by writing accessible guidelines and even tools
Uncover and help correct miss-use potential in our software
Develop and run community security initiatives, like our bug bounty program
Work with our DevOps and Research teams to put in place monitoring systems for our peer-to-peer networks
Contribute to the grant review process to ensure funding for projects crucial to security of the Web3 ecosystem
Review security aspects of projects that the Web3 Foundation interacts with or supports
Establish security processes within the Foundation
Incident response at the community level
Experience engaging with code auditors and other external experts
Ability to write accessible guides and security tooling
Interest in, and some understanding of, of decentralised technologies, especially blockchains
Understand secure key management practices, as required for digital certificates, crypto-currencies, or key ceremonies
Knowledge of network security, preferably including peer-to-peer
Understanding of Open Source communities, including bug bounty programs
Minimum of 3 years working as an information security professional
Created security tools for blockchain applications
Familiarity with past blockchain security incidents
Experience monitoring live distributed systems
Familiarity with Rust, C, Go, Javascript, or asynchronous networking code
Familiarity with WASM byte code, but any assembler or VM byte code helps
Familiarity with static or dynamic program analysis
Experience automating security testing procedures
Some understanding of cryptographic primitives like signature schemes
Experience managing technical communities
To apply to this position, we ask you to answer a few questions in the application form, and to submit your CV and a cover letter, telling us a bit about yourself and your motivation to join us.
For more information about us, visit us on
Web3 Foundation website:web3.foundation/
Polkadot website:polkadot.network/
Github: github.com/w3f/polkadot-overview
Für diese Stelle bewerben