Veda Labs.
An AI platform for retailers and other businesses to navigate through the COVID Era with it's superior technology.
Smart Contract Security Engineer
Location
United States
Posted
8 days ago
Salary
Not specified
Bachelor Degree3 yrs expEnglishOracleSolidityVault
Job Description
• Lead end-to-end security audits of Veda's smart contract systems, with focus on the BoringVault architecture, cross-chain bridge integrations, and complex DeFi composability patterns
• Identify novel attack vectors in vault accounting logic, share pricing mechanisms, and multi-strategy capital allocation systems
• Partner with external audit firms to coordinate comprehensive reviews and effectively address findings
• Evolve Veda's smart contract security standards, testing methodologies, and deployment practices
• Mentor smart contract engineers on secure coding patterns, gas optimization trade-offs, and defense-in-depth strategies
• Serve as the security subject matter expert in architecture discussions and design reviews
• Build and maintain custom security tools including fuzzing harnesses, invariant testing frameworks, and symbolic execution pipelines
• Research emerging attack patterns in DeFi and translate findings into defensive measures
• Contribute to Veda's security knowledge base through internal documentation and post-mortems
• Design and implement real-time monitoring systems for on-chain anomaly detection
• Lead on-chain security incident response when needed, including root cause analysis and remediation
• Maintain security runbooks and escalation procedures for the engineering team
Job Requirements
- EVM Expertise: Deep understanding of EVM architecture, opcode-level behavior, gas mechanics, and storage patterns.
- Solidity Mastery: 3+ years writing and auditing production Solidity code, with strong instincts for identifying subtle vulnerabilities in complex contract systems
- DeFi Security Experience: Proven track record conducting security audits or vulnerability research in DeFi protocols. You understand composability risks, oracle dependencies, and economic attack vectors
- Audit Methodology: Experience performing comprehensive smart contract audits from threat modeling through remediation validation
- Security Tooling: Hands-on experience with tools like Foundry, Echidna, Slither, Manticore, or similar frameworks for testing and analysis
- Communication: Exceptional written communication skills. You can translate complex technical vulnerabilities into clear, actionable guidance for both technical and non-technical stakeholders
- Proven Security Track Record: Professional experience at a tier-1 audit firm, security role at a leading DeFi protocol, or top placements in competitive audit contests
- Familiarity with MEV infrastructure, mempool analysis, and transaction ordering dependencies
- Understanding of cross-chain security challenges including bridge architecture, message verification, and multi-chain state synchronization
- Track record of discovering high-severity vulnerabilities in production DeFi protocols
- Active participation in security communities (competitive CTFs, bug bounties, or published research)
- Experience with symbolic execution and formal verification methods
- Experience with non-EVM environments (Solana, Move)
Benefits
- Health Coverage
- Flexible Time Off
- Remote-First by Design
- Parental Leave
- Learning & Development
