Cryptography Auditor

We are looking for an exceptional Cryptography Auditor to evaluate and secure blockchain-integrated cryptographic protocols, ensuring correctness, robustness, and post-quantum readiness across cutting-edge systems.

What You’ll Do:

• Perform in-depth security audits for cryptography protocols on a project-by-project basis, identifying and mitigating potential vulnerabilities.

• Deliver comprehensive security reports and collaborate with client development teams to support timely remediation efforts.

• Engage with the broader security and cryptography community by participating in conferences, webinars, and technical discussions, and share insights that advance collective knowledge and best practices.

• Stay current with the latest security threats, vulnerabilities, and countermeasures in the blockchain space, adapting approaches as needed.

• Deliver comprehensive security reports and collaborate with client development teams to support timely remediation efforts.

• Contribute to the development and improvement of internal tools that enhance the efficiency of the audit process.

It’s a Match If You Have:

• Foundational Cryptography Knowledge: Strong understanding of modern cryptographic primitives (encryption, signatures, key exchange, hash functions, MACs, RNGs). Ability to reason about mathematical soundness, security assumptions, and typical failure modes. Working knowledge of classical and quantum-resistant primitives.

• Applied Cryptography & Security Experience: Proven experience auditing or developing cryptographic code in Rust, Go, C/C++, TypeScript or Python. Experience using static/dynamic analysis, fuzzing, and adversarial testing for cryptographic components. Ability to identify and validate vulnerabilities through PoCs and threat modeling.

• Zero-Knowledge Proofs: Familiarity with zero-knowledge systems (Groth16, Plonk, Halo2, zkSTARKs, zkVMs). Understanding of polynomial commitments, trusted setups, and soundness proofs. Experience or familiarity with domain-specific ZK languages (e.g., Circom, Noir, Leo, Cairo, or ZoKrates, etc) used to design and verify ZK circuits.

• Multi-Party Computation: Understanding of secure multi-party and threshold cryptography, including DKG and threshold signatures.

• Post-Quantum Cryptography: Understanding of lattice-based and hash-based schemes (e.g., Kyber, Dilithium, Falcon, SPHINCS+). Familiarity with post-quantum multisig, threshold schemes, and PQC-based ZKPs.

• Knowledge of Standards & Best Practices: Familiar with NIST FIPS 203/204/205, ISO/IEC 14888, 15946, 11770, and related specifications.

• Communication, Audit Methodology & Reporting: Adherence to a structured audit workflow. Ability to produce clear, reproducible, and severity-classified findings with actionable remediation guidance. 

• Continuous Learning and Adaptability: Strong commitment to staying up-to-date with rapidly evolving blockchain technologies. Ability to quickly learn new concepts, tools, and protocols and effectively apply this knowledge to drive innovation and enhance system security.

Nice to Have:

• Security Certifications: Credentials demonstrating advanced security or cryptography expertise such as OSCP, OSWE, or academic qualifications.

• Framework Knowledge: Experience with blockchain frameworks like Substrate, Cosmos SDK, OP Stack, Avalanche Subnets, or Hyperledger Fabric, including understanding of consensus and validator security models.

• Proficiency in Other Languages: Exposure to diverse programming languages commonly used in blockchain systems - Solidity, Haskell, Move, Kotlin, Zig, or Cairo.

• Scalability Solutions Expertise: Knowledge of blockchain scalability and performance topics, including Layer-2 solutions such as Optimistic Rollups, zk-Rollups, and related bridging or data-availability mechanisms.

• Formal Verification: Familiarity with formal methods and verification tools, used for specifying and verifying the correctness of cryptographic protocols and consensus logic.

• Advanced Privacy Solutions Expertise: Understanding of advanced privacy-preserving technologies such as Fully Homomorphic Encryption, Trusted Execution Environments, and Secure Multi-Party Computation, with awareness of their integration and threat models in blockchain systems.

• Community Involvement: Active engagement in blockchain or cryptography communities (open-source contributions, research, or participation in conferences).