Security Analyst (Remote)

We are seeking a highly skilled and motivated security analyst. The ideal candidate will have a strong background in computer science, possess advanced technical expertise, and demonstrate a deep understanding of security principles. This role involves identifying and mitigating security vulnerabilities through manual code review, running cutting-edge security tools and analyzing their results, actively staying up-to-date on emerging security threats, and learning to audit in new and exciting technologies.

We welcome student applications! However, only applications from students graduating within the next six months will be considered.

About Veridise

Veridise is a blockchain security company founded in 2022 by academics focused on bringing increased automation to the security landscape.

Veridise performs security audits for smart contracts, zero-knowledge circuits, blockchain implementations, key management services, and other off-chain services like relayers, bridges, wallet integrations, and more. Additionally, many members of the Veridise team research and develop modern security tools designed to tackle the ever-changing landscape of blockchain development, providing novel and automated insights into the security of smart contracts and zero-knowledge circuits.

With these two hybrid approaches, Veridise combines the theory and expertise of the programming languages research community with the persistence and insight of professional security analysts.

Responsibilities

  • Work closely with Veridise audit teams to perform security assessments and analyze potential vulnerabilities.
  • Document findings and present recommendations for improvements.
  • Meet and communicate with clients to convey progress and share security issues.
  • Stay current with the latest trends in security, cryptography, and malware analysis.
  • Write blogs, present at conferences, and help guide our tool-design teams with feedback and ideas for new automations.

Qualifications

  • Bachelor’s degree or higher in Computer Science, Information Security, or related field, or 3+ years of experience in the security industry. We are not currently accepting applications from students graduating more than six months from now.
  • Proficiency in at least one of the following programming languages: C, Python, Rust, Solidity, C++, Java, or similar.
  • Experience with source code security reviews, penetration testing, reverse engineering, or malware analysis. Experience in information security, data compliance, or network monitoring is not necessary for this role.
  • Familiarity with security frameworks and standards (e.g., OWASP, NIST, ISO).
  • Deep understanding of security concepts, threat models, and secure software development.
  • Excellent problem-solving skills, sharp attention to detail, strong ethics, and a desire to prove correctness to yourself.
  • Effective communication skills for both technical and non-technical audiences.

Preferred

  • Masterʼs or PhD with a specialization in Security or related field.
  • 2-4 years of professional experience in security analysis, research, or related roles.
  • Cryptography. Experience or education in designing, breaking, or securely implementing cryptographic primitives and protocols. Math background paired with practical expertise is a great fit.
  • Bug in the Wild. Experience exploiting and breaking native, web, or blockchain applications with techniques like kernel exploitation, logical error manipulation, sandbox escapes, or other classes of attacks. Previous bug bounty reports are always welcome.
  • Malware and Tooling. Experience in reverse engineering, formal methods/software security tools (fuzzing, automated testing, static analysis, SMT-solving, formal verification).

Benefits of Working at Veridise

  • Help guide internal research teams and participate in continuing education on security and blockchain topics.
  • Work with top-tier teams to secure cutting edge projects and technologies.
  • Opportunity for yearly bonuses.
  • Fully remote work.