Job Description

:

• Perform penetration testing on blockchain networks and smart contracts to identify potential vulnerabilities and exploitable weaknesses.

• Conduct code audits to ensure smart contracts and blockchain-based applications are secure and free from vulnerabilities.

• Use advanced techniques for vulnerability mining in blockchain environments, identifying zero-day vulnerabilities and emerging threats.

• Develop and execute comprehensive security auditing plans for blockchain platforms, including decentralized finance (DeFi) protocols and Layer 2 solutions.

• Lead the incident response process for security breaches, including root cause analysis, containment, eradication, and post-incident reporting.

• Implement vulnerability scanning tools to proactively identify security issues in both blockchain and traditional applications.

• Collaborate with development and engineering teams to define and implement effective risk mitigation strategies.

• Keep up to date with blockchain security trends, new attack vectors, and cutting-edge tools for identifying and defending against threats.

• Prepare and deliver detailed security reports, documenting vulnerabilities, attack simulations, and recommended security improvements.

• Train developers on secure coding practices in blockchain environments, ensuring best practices are followed throughout the development lifecycle.

• Engage with external security auditors and penetration testers as needed, managing the auditing process for continuous improvement.

• Bachelorxe2x80x99s degree in Computer Science, Cybersecurity, or a related field (Masterxe2x80x99s degree or certifications such as OSCP, CEH, or CISSP preferred).

• 5+ years of experience in cybersecurity, with a focus on blockchain technology and security practices.

• Extensive experience with penetration testing, specifically in blockchain networks, smart contracts, and distributed applications (dApps).

• Strong background in vulnerability scanning, using tools like Nmap, Nessus, Metasploit, and OWASP ZAP.

• Proficiency in code auditing, with knowledge of blockchain-specific languages like Solidity, Rust, or Vyper.

• Familiarity with blockchain consensus algorithms, cryptography, and attack vectors such as Sybil attacks, 51% attacks, and front-running.

• Hands-on experience with incident response and security event management (SIEM tools such as Splunk or ELK).

• Strong understanding of security auditing frameworks and risk management methodologies.

• Knowledge of threat modeling techniques and experience with blockchain security tools like Mythril, Slither, and Remix IDE.

• Solid understanding of smart contract security vulnerabilities such as reentrancy, integer overflow, and denial of service.

• Experience in designing and implementing risk mitigation strategies, focusing on secure design and architecture for blockchain applications.

• Experience with Decentralized Finance (DeFi) protocols and Layer 2 scaling solutions.

• Familiarity with blockchain platforms such as Ethereum, Hyperledger, Polkadot, or Binance Smart Chain.

• Knowledge of Zero-Knowledge Proofs (ZKP), Multi-signature wallets, and other advanced cryptographic techniques.

• Familiarity with cloud security in AWS, Azure, or GCP, especially in blockchain-based deployments.

• Strong scripting skills in Python, Bash, or Go to automate security testing and incident response tasks.

• Certifications in blockchain security, such as Certified Blockchain Security Professional (CBSP) or Blockchain Security Expert.

Quess Corp