Security Engineer

Location: Remote, with the ability to overlap hours with CET, UAE, and USA.

About Flare:

Flare is a Layer 1 blockchain focused on delivering decentralized data access, making it easier for applications to integrate high-quality, real-world data. We’re building an ecosystem where innovation thrives, enabling developers, partners, and investors to unlock the full potential of Web3.

Reports to: CTO

Flare is seeking a Security Engineer to fortify our smart contracts and blockchain protocols against emerging threats. In this role, you’ll lead security audits, develop automated scanning tools, and conduct real-time vulnerability assessments to safeguard our ecosystem. You'll refine security frameworks and implement best practices to mitigate risks proactively. If you're proficient in Solidity, EVM, and languages like Go, Python, or TypeScript and have experience auditing complex smart contract systems, we want to hear from you.

Responsibilities

• Conduct security audits and reviews on smart contracts and related protocols. Summarise findings in high-quality audit reports.
• Design automated scanning and monitoring tools for smart contracts.
• Utilise scanning tools to detect vulnerabilities in online contracts and promptly issue risk warnings.
• Develop and monitor fast response processes. 
• Conduct root cause analysis on various hacking incidents, examining the causes, processes, prevention, correction and basic fund tracing.
• Demonstrate a good understanding of EVM chains and be familiar with DeFi design patterns.
• Perform a review analysis on newly disclosed vulnerabilities for smart contracts and summarise the root cause behind the exploits for early detection in the future.
• Develop on-chain security strategies and perform security assessments and threat modelling of various blockchain protocols. 
• Provide expert technical guidance to the team in building new frameworks, analysis tools, and security products.
• Lead the way in establishing best practices and engaging with product and engineering teams to get them adopted.
• Coach and mentor Protocol Security team members to build new skills and be crypto-forward.
• Conduct penetration testing 

Requirements

• Bachelor's degree (or higher) in Computer Science or a related field.
• Proficient in Solidity and EVM
• Proficient in either one of the programming languages: GO, Python, Typescript 
• Basic understanding of common Smart Contract security vulnerabilities, current incidents and simulation testing.
• Basic understanding of blockchain and smart contract principles, experienced with reading Blockchain explorers and creating scripts to track and scan data.
• Understanding of different types of solidity libraries and security associated with it.
• Familiar with smart contract development testing cycle and transaction analysis.
• Excel in identifying machine-level, transaction-level, and business logic-level vulnerabilities in smart contracts and protocol infrastructure.
• 3+ years of smart contract auditing experience and have led the audit of several complex protocols.