Security Engineer (Penetration Testing)


About the job

Why Us?

CertiK is a pioneer in blockchain security, leveraging best-in-class AI technology to protect and monitor blockchain protocols and smart contracts. Founded in 2018 by professors from Yale University and Columbia University, CertiKโ€™s mission is to secure the web3 world. CertiK applies cutting-edge innovations from academia to enterprise, enabling mission-critical applications to scale with safety and correctness.

About The Role

The primary responsibility of this role is for CertiKโ€™s security-related services. Intersecting cybersecurity and blockchain, CertiKโ€™s security offerings include security consulting, security reviews, security auditing of smart contracts and blockchains, verification of smart contracts, penetration testing, and more. We are looking to hire someone with a passion for application security and penetration testing. This is a fun and challenging full-time position. If you are excited about hacking, threat modeling, scanning, auditing, designing, and enhancing the security of applications across the board then you will thrive in this role. While you work with clients, we will also provide you with plenty of opportunities to get involved with research and development efforts to help us raise the standards of blockchain security.

  • Perform security assessment on web, mobile, thick client application, and browser extension.
  • Perform external, internal network penetration tests
  • Work directly with the external blockchain developers to audit their code and secure their products including smart contracts, and dapp.
  • Develop comprehensive pentest reports for technical and non-technical audiences
  • Research and develop innovative techniques, tools, and methodologies for pentesting applications in the Blockchain space
  • Contribute to the community through the development of tools, presentations, and blog posts

  • Passionate about Cryptocurrency/DeFi/Blockchain
  • Familiar with the solidity programming language and smart contract
  • Minimum of 3 years experience with application security and penetration testing
  • Minimum of BS degree in CS/Security Information or related field. Preference is MS or PhD
  • Experience in programming with scripting languages such as Python, Perl, Ruby and Bash
  • Solid understanding of cryptography
  • Strong spoken and written communication skills

Bonus Points
  • OSCP, OSWE, OSCE, GWAPT or comparable certification
  • Familiar with cloud platforms such as AWS, Azure and GCP
  • Experienced with smart contract security audit
  • Participated in the bug bounty programs
  • Published security related blog post
  • Spoke at security conferences and/or local meetups

About The Company

One of the fastest-growing and most trusted companies in blockchain security, CertiK is a true market leader. To date, CertiK has worked with over 3,200 Enterprise clients, secured over $310 billion worth of digital assets, and has detected over 60,000 vulnerabilities in blockchain code. Our clients include leading projects such as Aave, Polygon, Binance Smart Chain, Terra, Yearn, and Chiliz.

Investors = Insight Partners, Sequoia, Tiger Global, Coatue Management, Lightspeed, Advent International, SoftBank, Hillhouse Capital, Goldman Sachs, Coinbase Ventures, Binance, Shunwei Capital, IDG Capital, Wing, Legend Star, Danhua Capital and other investors.


Target annual salary for this role performed in the US is $100,000 - $140,000. The exact compensation at which this job is filled will be determined by the skills and experience of qualified candidates.




CertiK is proud to offer medical, vision, and dental insurance, 401(k) plan with company matching, life and accidental death and dismemberment insurance, HSA (with high deductible plan), FSA, and other benefits to all full-time employees, along with flexible paid time off and holidays.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

CertiK is proud to be an equal opportunity employer. We will not discriminate against any applicant or employee on the basis of age, race, color, creed, religion, sex, sexual orientation, gender, gender identity or expression, medical condition, national origin, ancestry, citizenship, marital status or civil partnership/union status, physical or mental disability, pregnancy, childbirth, genetic information, military and veteran status, or any other basis prohibited by applicable federal, state or local law.

CertiK will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements.

All CertiK employees are expected to actively support diversity on their teams, and in the Company.

Apply now
Apply now

Please let CertiK know that you found this job on Your support will help us grow!