πUnited States
Application Security Engineer

iForte Solusi Infotek
πRemote
Please let iForte Solusi Infotek know you found this job on JobsCollider. Thanks! π
Summary
Join Vac's Security service unit as an Application Security Engineer and perform in-depth code reviews, focusing on low-level languages like Rust, Nim, and C++. Identify and address code-level and protocol-level vulnerabilities. Collaborate with development teams to remediate security issues and ensure best practices. Prepare for external security audits, defining scope, organizing documentation, and working with auditors. This hands-on role requires a passion for secure software development and proactive risk mitigation. You will execute incident response activities and contribute to the overall security posture of IFT projects. The position offers a mix of fiat/crypto compensation.
Requirements
- Minimum of 5 years of experience in Web3 security engineering, with proven experience securing blockchain protocols, smart contracts, or cryptographic systems
- Proficiency in low-level programming languages (Rust, Nim, C++)
- Expertise in secure coding practices, including identification of code/protocol-level vulnerabilities (e.g., buffer overflows, injection attacks) and code analysis/debugging
- Experience with manual/automated code review techniques and penetration testing in Web3 ecosystems
- Familiarity with cryptographic protocols, secure protocol design, and blockchain/distributed systems security
- Incident response capabilities (detection, analysis, containment, recovery)
- Experience collaborating with development/product teams to remediate vulnerabilities, including SSDLC processes and external audit preparation
- Strong documentation and communication skills for technical materials and stakeholder interactions (internal teams, auditors)
- Deep interest in blockchain technology and decentralisation
Responsibilities
- Perform in-depth manual and automated reviews of source code (with a focus on low-level languages such as Rust, Nim, and C++) to identify security vulnerabilities and logic flaws
- Analyse and review critical code paths for potential weaknesses
- Identify and assess both code-level vulnerabilities (e.g., buffer overflows, injection flaws) and protocol-level issues (e.g., insecure cryptographic implementations, protocol misconfigurations)
- Execute incident response activities, including detection, analysis, containment, and recovery, while documenting findings and lessons learned for continuous improvement
- Collaborate with development and product teams to remediate identified vulnerabilities, provide security guidance, and ensure secure coding practices are followed
- Define clear audit objectives and scope for external audits, focusing on the most critical components and protocols
- Prepare and organise all relevant documentation (architecture diagrams, codebase, threat models, protocol specifications) to facilitate an efficient and valuable external audit process
- Engage with external auditors early to clarify expectations and provide necessary context, ensuring the audit delivers actionable results
- Address and remediate issues identified in previous audits, and document improvements to demonstrate ongoing security maturity
Preferred Qualifications
- Experience with static and dynamic analysis tools (e.g. CodeQL, Valgrind)
- Knowledge of formal verification methods and tools
- Background in penetration testing or red teaming
- Ability to educate and train others on security best practices
- Contributions to open-source security projects or published security research
Benefits
We are happy to pay in any mix of fiat/crypto
Share this job:
Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.
Similar Remote Jobs
πUnited States
πUnited States

πAustralia

πNew Zealand

πAustralia
π°$150k-$175k
πUnited States
πArgentina, Colombia
πUnited States
πPoland