Security Engineer – Blockchain & Web3 Security
Job Summary:
We are seeking a Security Engineer specializing in Blockchain and Web3
Security to design, secure, and continuously improve the security posture of
smart contracts, Web3 applications, digital asset platforms, and supporting
off-chain systems. This hands-on engineering role focuses on embedding
secure-by-design principles across the blockchain and Web3 technology stack.
Key Responsibilities:
-
Perform threat modeling and risk analysis for blockchain platforms, smart
contracts, Web3 apps, wallets, and transaction flows.
-
Conduct secure design and code reviews of smart contracts and Web3
components.
-
Define and enforce smart contract and Web3 secure coding standards.
-
Integrate automated security controls into CI/CD pipelines.
-
Support internal and external security audits and remediation efforts.
-
Strengthen key management, custody, and signing controls.
-
Contribute to incident response and implement post-incident improvements.
Requirements:
-
6–10+ years of experience in security or secure software engineering.
-
Hands-on experience with blockchain and Web3 security.
-
Strong knowledge of Solidity and the Ethereum Virtual Machine (EVM).
-
Familiarity with non-EVM platforms like Canton, Stellar.
-
Exposure to
DAML and RUST
is highly desirable.
-
Deep understanding of smart contract vulnerabilities and mitigations.
-
Experience with secure
SDLC and DevSecOps
methodologies.
-
Strong grounding in cryptography fundamentals.
-
Certified Blockchain Security Professional (CBSP) or equivalent blockchain
security certification is a must.
-
Certificate in Blockchain Security or Smart Contract Security from a
recognized industry or standards body.
-
Proven smart contract security credentials, audits, or platform
certifications covering EVM-based chains (e.g., Ethereum), permissioned
DLTs, or Web3 protocols.
Preferred Qualifications:
-
Experience with regulated or institutional digital asset platforms.
-
Exposure to Hardware Security Modules (HSMs), Multi-Party Computation (MPC),
or Vaults.
-
Knowledge of fuzzing, invariant testing, or formal verification techniques.
-
CISSP – Certified Information Systems Security Professional ((ISC)²) or CISM
– Certified Information Security Manager (ISACA) certification would be
advantageous.
Location: Pune, Hyderabad, Bangalore