Posted 30 Dec 2022, 5:11 pm
Head of AppSec at Parity
Parity is one of the world's most experienced core blockchain infrastructure companies, having built and pioneered some of the most advanced technologies in the blockchain sector. Parity was founded by Dr. Gavin Wood, co-founder and former CTO of Ethereum, the primary engineer behind the Ethereum Virtual Machine (EVM), inventor of the Solidity programming language, and primary author of the Ethereum Yellowpaper.
Based in Berlin, London, and Lisbon with over 340 employees worldwide, Parity has built clients for Ethereum, Bitcoin, and Zcash and has pioneered a completely new, next-generation blockchain protocol with Polkadot and the framework it’s built with, Substrate. Parity builds the open-source technologies needed to power an unstoppable, decentralized web—known as Web3—and helps developers and organizations implement and build upon the Web3 tech stack.
About the position:
What you will do:
- be that important link helping security researchers (be that independent auditors, bug bounty hunters or even yourself) and engineers in charge of the code understand each other;
- help teams learn state of the art security practices and embed them into day-to-day work;
- perform a lot of threat modelling and other pre-audit documentation work to help us get most kick for the (quite significant) buck we spend on those audits;
- hone and improve our security-related processes like bug bounty and internal vulnerability response;
- and of course this is not a single-man job, so you’d be building and growing a team to help you with those challenges.
- know your security tools and approaches: you should be leading our way when setting up SAST, DAST, fuzzing, property-based testing, symbolic execution, network simulation tools and such;
- have exposure to cryptography, decentralized networking, hardware key management solutions;
- have understanding of modern blockchain tech landscape and the new classes of threats it experiences;
- have experience in threat modelling, red/blue teaming, working with best in class independent security teams and turning their findings into actual deployed fixes in our codebase;
- be able to help with hiring, lead the resulting team and set up security practices all around the company;
- be a self-starter: most of the time there would be little guidance on which areas to work on first and what to improve there. You’re expected to determine that yourself, keeping company-wide goals in mind, and drive those initiatives to completion.
Nice to have:
- Rust knowledge;
- Prior work experience in blockchain/cryptocurrency fields;
- located in or willing to relocate to Berlin, Germany;
- A background in open source software development;
- Passionate about Web 3.0 and what it represents for the future;
- Have an interest in Parity and accompanying technologies such as Substrate.
About working for us:
For everyone who joins us:
- Competitive remuneration packages, including tokens (where legally possible), based on iterative market research
- Remote-first, global working environment with flexible hours
- Collaborative, fast-paced, and self-initiating culture, designed to mimic an open source workflow
- Energising and collaborative team and company retreats all over the world
- Opportunity to learn more about Web3 while on the job, with access to some of the brightest minds in this space; we have plenty of educational initiatives such as internal sessions, all-hands, AMAs, hackathons, etc.
- Teammates who are genuinely excited about their job, impact, and Parity’s mission
- Opportunity to relocate to Germany or Portugal
For those joining us as employees in Germany, Portugal, or the U.K.:
- 28 paid vacation days per year
- Work laptop (macOS or Linux-based) and equipment to enable you to work successfully
- £2,500 yearly learning and development budget for conferences or courses of your choice
Not a perfect match to our requirements? We're still excited to receive your application and hear how you think you can help us achieve our mission.
Please mention the word **ACHIEVEMENT** and tag RMTA3LjE3OC4yMDAuMTk1 when applying to show you read the job post completely (#RMTA3LjE3OC4yMDAuMTk1). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.
The offering company is responsible for the content on this page / the job offer.
Source: Remote Ok