Security Engineer

Evertas, the first cryptoasset and blockchain insurance company, is seeking a Security Engineer to join their team of smart, motivated people looking to protect the assets and infrastructure of the entire Web3 ecosystem.  We are a fully remote, mission-driven company. Evertas looks for high-quality candidates of any and all backgrounds, if this posting speaks to you (even if it is not a perfect fit) send us a note, we want to talk to you!

Responsibilities

• Support insurance underwriting, by reviewing complex systems including centralized custodians, smart contract and DeFi projects, physical and cyber security systems, and IT infrastructure
• Support investigations and claims related to theft and loss of cryptocurrency, failures of smart contracts and protocols, and other related matters.
• Support assessments, audits, and improvements of customers across a broad range of blockchain and cryptocurrency technologies and protocols.
• Be able to perform root cause analysis on various security-related issues that can span a large number of modalities including centralized custodians, smart contract and DeFi projects, physical and cyber security systems, and IT infrastructure
• Be able to work independently and as part of a team
• Self-starter who is highly motivated and has an intense curiosity
• Perform research into security topics spanning hardware, software, firmware, and physical security

Desired Experience

• 3-5 years of security experience
• 1-2 years of blockchain or cryptocurrency experience
• Experience with white hat hacking and penetration testing
• Have performed threat and risk analysis
• Participation at conferences in the security, cryptography, or cryptoasset/blockchain fields
• Vulnerability discovery and analysis
• Research background related to the above areas
• Familiar with standard security tools and environments
• Familiarity with cryptoasset/blockchain security and analysis tools
• Comfort with hardware, software, and embedded security
• Research exploitation and security mitigation bypass techniques

Desired Skills

• Familiarity with cryptology
• Familiarity with compiler internals
• Familiarity with operating system architecture
• Proficient in C and C++,
• Proficient in Python or Rust
• Understanding of at least one architecture’s assembly language.
• Fully understand systems and identify trust/security boundaries and attack surfaces
• Specialization in a relevant research area (e.g., static analysis, symbolic execution, patching, binary instrumentation, fuzz testing, formal methods, adversarial machine learning, etc)
• Computer Science fundamentals experience (operating systems, data structures, algorithms, networking, etc)
• Demonstrated successes in the discovery of software vulnerabilities
• Detailed understanding of how computers work
• Desire to learn both new and old technologies
• Discover software vulnerabilities in complex code bases
• Have an open mind and learning mindset
• Experience in developing usable and maintainable software
• Experience working on a research team
• Proven ability to write detailed technical documentation
• Ability to develop custom tools to assist in your work
• Knowledge of reverse engineering, ideally with experience discovering and exploiting vulnerabilities
• Be able to navigate and understand large source code codebases
• Be able to develop software for reverse engineering, program analysis, and security tools.
• Ability to quickly learn new programming languages and frameworks.
• Discover software vulnerabilities in complex code bases
• Research exploitation and security mitigation bypass techniques

Requirements

• Connect daily with the team virtually to describe progress, setbacks, ideas, and concerns.
• Ability to communicate and document how complex systems work
• Ability to stay motivated and focused while solving challenging problems
• Collaborate with the team to write conference papers, blog posts, and proposals.
• Customer and mission-focused attitude
• Must live and work in the United States

Benefits

• 100% medical coverage, you never have to worry about getting sick
• Reimbursement for home office expenses
• Unlimited vacation and PTO

Compensation

• Highly competitive cash and equity package