Bitcoin Offensive Security Engineer - 100% Remote, Blockchain, DeFi

Our mission is to provide value-add security services and products to the world’s most cutting edge technology firms and that starts with blockchain tech. Founded in 2019, Halborn is an elite cyber security company focused on solving complex adversarial problems unique to the cryptocurrency and fintech industries. From breaches and social engineering to stolen private keys and economic hacks, Halborn solves it. Our clientele are the exclusive blockchain companies as well as new startups with high growth trajectories.

Halborn is a globally distributed team of 100+, looking to grow our elite team of white hat hackers, sales professionals, security engineers and DevSecOps specialists who value independence, want to make their own hours, work for themselves and have a passion for the ever evolving cryptocurrency industry.

Halborn Inc is an Equal Opportunity Employer. We do not discriminate based upon race, religion, color, national origin, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, education, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics and celebrates the diversity of its growing team.

We are unable to sponsor or take over sponsorship of employment Visas at this time.

Recruitment agencies and consultants may not submit resumes/CVs through this website or directly to managers. Halborn does not accept unsolicited agency resumes, and will not pay fees to any third-party agency or company that does not have a signed agreement with Halborn Inc.

• Conduct realistic adversary simulations from conception through reporting.
• Perform testing on systems, applications, networks, and processes.
• Research cutting-edge offensive security techniques.
• Develop tools and exploits.
• Communicate clearly and effectively, both written and orally, regarding risks and required remediations.
• Work collaboratively and independently on unique or specialized assignments requiring specific knowledge or experience.
• Comply with Company, Division, and Professional ethical standards.

• A passion for the blockchain industry.
• 3+ years of experience in application development in Golang and C++ (both are mandatory) (blockchain or smart contract development experience is a plus).
• 2+ years of offensive security experience.
• Experience in WASM/BPF is a plus.
• Understanding of system administration and network administration.
• Experience using common penetration testing tools (BurpSuite, Metasploit, etc.).
• Practical reverse engineering and fuzzing experience is a plus.
• Proficient in at least one scripting language.
• Proficiency with common server and workstation operating systems.
• Proficient in testing modern web application languages and frameworks.
• Proficient knowledge of blockchain and smart contract implementations.
• Deep understanding of Golang-based smart contract runtimes.
• Ability to think critically and identify areas of technical and non-technical risk.
• Ability to write technical reports and communicate technical content to non-technical audiences.
• Experience in security research, including vulnerability discovery and exploit development.

• Experience working with Bitcoin or its forks (Bitcoin Cash, etc.).
• Experience working with Ethereum clients.
• Experience with Cosmos SDK and solid understanding of Tendermint.
• Experience with IBC (Inter-Blockchain Communication).
• Experience working with consensus protocols.
• Basic knowledge of cryptographic primitives such as public/private keys, hash functions, and Merkle trees (understanding how to use them, not implement them).
• Relevant security certifications are a plus but not required (OSCP, OSCE, GPEN, GWAPT, LPT, CISSP).