Protocol Security Engineer
We believe Ethereum has the potential to solve some of humanity’s most crucial coordination issues. Since our initial inception as a research group, we have sought to scale both its technology and values.
At present, the most pressing bottleneck to the growth of Ethereum is its performance and scalability. We are building the most elegant solution to this problem. We do this in the open (under an MIT open source license) because we believe in open source innovation and its ability to accelerate growth.
OP Labs is building Optimism mainnet, and by extension, the infrastructure that powers all OP-Stack chains. We are improving Ethereum’s performance by orders of magnitude and donating the profits from doing so to funding Ethereum public goods. By operating as a Public Benefit Corporation, OP Labs can align its incentives with the public good and take positive-sum steps toward a sustainable future for the internet.
The OP Labs security team is looking for a passionate and innovative protocol security engineer. The person joining the team will be building tooling and platforms to secure the Superchain and help both the OP Labs engineering team and other core devs in the Collective securely ship protocol and ecosystem changes.
What are the role responsibilities?
A successful candidate in this role should excel in one or more of the following areas:
- Own and deliver improvements to the Superchain’s incident response tooling and infrastructure, such as our ImmuneFi Bug Bounty, Superchain’s “Big Red Pause Button”, and detection and response of onchain incidents (e.g. faulty withdrawals and bridge hacks).
- Own and deliver improvements to the Superchain and OP Stack’s DevSecOps effort, including formal analysis, integration/invariant/fuzz testing infrastructure, and tools to enforce secure coding styles.
- 3+ years of experience in a software or security engineering role.
- 2+ years of experience in protocol and smart contract security.
- Deep knowledge of Ethereum and the EVM required.
- Strong grasp of computer science and distributed systems fundamentals required.
- Prior experience in incident response, deployment safety or DevSecOps for a large protocol.
- Experience breaking complex smart contract & client systems into modular components to limit blast radius of security vulnerabilities.
- Must be an excellent written communicator. Comfortable writing clear and concise documents that the rest of the team can consume and implement.
- Detail oriented. Must be comfortable identifying issues regardless of how small, and helping team triage issues.
- High agency. This person must be able to proactively identify issues and improvements, and then fix them. The team shouldn’t have to hand-hold successful candidates.
What will you like about us?
- We take care of our employees. Competitive compensation, fully paid medical, dental, and vision, and a 4% 401K match—learn more about our benefits, culture, and all recruiting FAQ here.
- We take pride in the accomplishments of our teammates and support each other in doing the best work of our careers.
- Our team is a diverse group of people from varied backgrounds. We cherish our eclecticism and consider it a great strength.
- We’re fully remote, deeply engaged, highly skilled, and like to have fun.
- We think long-term. Our founders have been scaling Ethereum since 2015.
We strongly encourage candidates of all different backgrounds to apply. We believe that our work is stronger with a variety of perspectives, and we’re eager to further diversify our company. If you have a background that you feel would make an impact at Optimism, please consider applying. We’re committed to building an inclusive, supportive place for you to do the best work of your career.