Security Engineer
Chicago, IL, United States
Evertas, the first cryptoasset and blockchain insurance company, is seeking a Security Engineer to join their team of smart, motivated people looking to protect the assets and infrastructure of the entire Web3 ecosystem. We are a fully remote, mission-driven company. Evertas looks for high-quality candidates of any and all backgrounds, if this posting speaks to you (even if it is not a perfect fit) send us a note, we want to talk to you!
Responsibilities
Support insurance underwriting, by reviewing complex systems including centralized custodians, smart contract and DeFi projects, physical and cyber security systems, and IT infrastructure
Support investigations and claims related to theft and loss of cryptocurrency, failures of smart contracts and protocols, and other related matters.
Support assessments, audits, and improvements of customers across a broad range of blockchain and cryptocurrency technologies and protocols.
Be able to perform root cause analysis on various security-related issues that can span a large number of modalities including centralized custodians, smart contract and DeFi projects, physical and cyber security systems, and IT infrastructure
Be able to work independently and as part of a team
Self-starter who is highly motivated and has an intense curiosity
Perform research into security topics spanning hardware, software, firmware, and physical security
Desired Experience 3-5 years of security experience
1-2 years of blockchain or cryptocurrency experience
Experience with white hat hacking and penetration testing
Have performed threat and risk analysis
Participation at conferences in the security, cryptography, or cryptoasset/blockchain fields
Vulnerability discovery and analysis
Research background related to the above areas
Familiar with standard security tools and environments
Familiarity with cryptoasset/blockchain security and analysis tools
Comfort with hardware, software, and embedded security
Research exploitation and security mitigation bypass techniques
Desired Skills Familiarity with cryptology
Familiarity with compiler internals
Familiarity with operating system architecture
Proficient in C and C++,
Proficient in Python or Rust
Understanding of at least one architecture's assembly language.
Fully understand systems and identify trust/security boundaries and attack surfaces
Specialization in a relevant research area (e.g., static analysis, symbolic execution, patching, binary instrumentation, fuzz testing, formal methods, adversarial machine learning, etc)
Computer Science fundamentals experience (operating systems, data structures, algorithms, networking, etc)
Demonstrated successes in the discovery of software vulnerabilities
Detailed understanding of how computers work
Desire to learn both new and old technologies
Discover software vulnerabilities in complex code bases
Have an open mind and learning mindset
Experience in developing usable and maintainable software
Experience working on a research team
Proven ability to write detailed technical documentation
Ability to develop custom tools to assist in your work
Knowledge of reverse engineering, ideally with experience discovering and exploiting vulnerabilities
Be able to navigate and understand large source code codebases
Be able to develop software for reverse engineering, program analysis, and security tools.
Ability to quickly learn new programming languages and frameworks.
Discover software vulnerabilities in complex code bases
Research exploitation and security mitigation bypass techniques
Requirements Connect daily with the team virtually to describe progress, setbacks, ideas, and concerns.
Ability to communicate and document how complex systems work
Ability to stay motivated and focused while solving challenging problems
Collaborate with the team to write conference papers, blog posts, and proposals.
Customer and mission-focused attitude
Must live and work in the United States
Benefits 100% medical coverage, you never have to worry about getting sick
Reimbursement for home office expenses
Unlimited vacation and PTO
Compensation Highly competitive cash and equity package