#vacancy #Risk #web3 #Remote #job posting Job title: Middle Smart-contract Security Auditor Location: World (work based on UTC+3)

What you will be doing: ● Conducting smart contract audits: analyzing project logic, searching for vulnerabilities, invariant violations, writing PoC tests, developing recommendations for fixing identified issues; ● Developing internal tooling and services: evaluating and implementing security tools to expand service offerings; creating agents and automation systems based on LLM; ● Research tasks: monitoring and analyzing new security tools and practices in the industry; ● Writing technical articles for the MixBytes blog.

What we expect: ● 2+ years of experience in an auditing company as a smart contract auditor or participation in public contests (Sherlock, Cantina, Code4rena, Code Hawks) with confirmed payouts, with mandatory audit experience on both stacks: EVM and SVM (Solana); ● 3+ years of development experience in one of the languages (Rust, Solidity, Vyper, Python, C/C++/C#, Java, Go); ● Non-trivial thinking and approach to vulnerability searching: natural distrust of ready-made solutions, habit of verifying assumptions through experiments; ability to find non-obvious bugs through a combination of different attack vectors; ● Understanding of the operation of main DeFi primitives (Lending, DEXs, Derivatives, Stablecoins, Liquid Staking, Bridges, etc.); ● Confident command of frameworks: Foundry, Hardhat, Anchor, Titanoboa; ● Deep work with AI: experience in creating own agents, pipelines, and automation tools based on LLM; ● Strong mathematical foundation: understanding of cryptographic primitives and their application in blockchain; ● Understanding of consensus algorithms in blockchain protocols; ● Confident command of English for communicating with clients, writing articles, and preparing documentation.

A plus will be: ● Experience in formal verification of smart contracts; ● Conducting security audits on other stacks: Sui, Aptos, TON; ● Confirmed bugs in bug bounty programs (Immunefi and similar); ● Participation in CTF competitions; ● Public findings, writeups, or CVEs; ● Publications or presentations on blockchain security, cryptography, or Web3.

Apply: @dobysh_v_