Protocol Security Engineer (Web3)

TL;DR

Protocol Security Engineer (Web3): Safeguarding ZKsync’s core components, including smart contracts, ZK circuits, and blockchain nodes, with an accent on security research and industry best practices. Focus on threat modeling, vulnerability detection, and embedding security best practices across development teams.

Company

hirify.global is building zkSync — a credibly neutral, fully open source technology stack and network on top of Ethereum.

What you will do

• Conduct threat modeling and internal reviews of Solidity contracts and blockchain state transition functions.
• Track the latest hacks, exploits, and attack vectors to translate lessons learned into actionable security improvements.
• Embed security best practices across development teams and influence secure design.
• Take ownership of protocol components with a focus on secure architecture and implementation.
• Participate in security investigations and incident response.

Requirements

• Curiosity and a hacker mindset to understand how things break.
• Strong security instincts with the ability to anticipate adversarial behaviors.
• Familiarity with recent security incidents in the blockchain space and knowledge of prevention techniques.
• Practical experience with Solidity smart contracts, ZK circuits, or core blockchain protocols.
• Comfort with protocol-level debugging and root-cause analysis.
• Proficiency in strongly typed languages (e.g., C++, Scala, Go); Rust and Solidity are primary languages.
• Deep understanding of algorithms, data structures, and their computational/memory complexities.
• Fluent written and spoken English.