# About ZetaChain
We’re building something ambitious at ZetaChain: the first universal blockchain that connects everything—Bitcoin, Ethereum, every chain. We’re backed by top investors, live on mainnet, and building the future of blockchain technology. If you’re excited about working on big, meaningful problems with a world-class team, you’re in the right place.
We are seeking an experienced and dedicated Senior Blockchain Security Engineer to join our Security team and play a crucial role in safeguarding the ZetaChain ecosystem.
Why You Want To Work Here
- Impactful Role: Play a pivotal role in shaping the future of a leading blockchain protocol.
- Remote Flexibility: Enjoy the freedom and flexibility of a remote work environment, ensuring a work-life balance with quarterly team meet ups to get to know each other in person.
- Cutting-Edge Technology: Dive deep into the latest advancements in blockchain technology with ZetaChain’s innovative protocol.
- Continuous Learning: Stay updated with the rapidly evolving blockchain landscape, ensuring you’re always at the forefront of the industry.
- Commitment to Open Source: We are committed to supporting open source software and use high quality open source tools internally when possible.
Find out more about our high performance culture.
Job Description
This role is focused on securing the broader ZetaChain ecosystem by working hands-on with independent third-party developer teams — from early-stage grant recipients to established partners — to help them build and maintain secure blockchain applications. These teams are critical to our ecosystem’s growth.
The ideal candidate has a strong background in product security, TypeScript/JavaScript/React programming, and Web3 development, along with deep knowledge of wallet security, dApp threat modeling, and account abstraction (EIP-4337). You should be comfortable acting as both a technical expert and a trusted partner to external teams.
Responsibilities
- Work directly with external ecosystem developers to advise on smart contract, dApp, and wallet security best practices throughout the development lifecycle
- Collaborate with internal and external teams to identify high-risk code changes in both React/TypeScript frontends and smart contracts, participating in security-focused code reviews
- Develop and implement innovative security testing methodologies specific to blockchain and DeFi environments
- Analyze new and emerging dApp and wallet attack vectors (phishing, session hijacking, malicious npm packages, RPC manipulation) and assess their potential impact on the ZetaChain ecosystem
- Lead or coordinate security audits and penetration tests for ecosystem projects, and drive timely remediation of findings
- Contribute to and help manage the bug bounty programs by validating and triaging reported vulnerabilities
- Create and maintain security guidelines, best practices, and documentation tailored for ecosystem developers
Requirements
- Location:
- Hybrid in San Francisco is preferred (2-3 days a week)
- Open to fully remote for exceptional candidates that align with US Timezones
- 3+ years of experience in cybersecurity, with a focus on blockchain and Web3 technologies
- 2+ years of software development experience working with smart contracts (Ideally Solidity)
- Experience with security tools and techniques specific to blockchain environments
- Deep familiarity with common attack vectors in Web3, such as flash loan attacks, reentrancy, and oracle manipulation
- Strong understanding of Wallet security (EIP-712, SIWE etc), account abstraction (EIP-4337), smart contract vulnerabilities and DeFi-specific risks
- Familiarity with tools and frameworks like Foundry, Slither, Tenderly, Wagmi, viem, RainbowKit
- Strong analytical and problem-solving skills with attention to detail
- Excellent communication skills and ability to explain complex security concepts to both technical and non-technical audiences
Preferred Qualifications
- Experience with Ethereum, Ton, Solana, SUI, and other major blockchain protocols
- Previous experience auditing code (Solidity, React, Typescript, Rust, Func, etc)
- Contributions to open-source blockchain security tools or research
- Active participation in bug bounty programs or capture-the-flag (CTF) competitions
- Experience implementing and managing automated security testing pipelines
- Familiarity with formal verification techniques for smart contracts
- Understanding of zero-knowledge proofs and their blockchain applications
In-Office Culture
This is a remote position but we will prioritize applicants based in the Bay Area. Many members of our team work hybrid from our San Francisco office, and we aim for 2 to 3 in-office days per week. We know life happens, whether it’s travel, appointments, or family needs and we’re flexible when the schedule needs to shift. The company is a mix of fully remote and hybrid team members.
Compensation
Base Salary: $150,000 – $200,000 (San Francisco benchmark)
This range reflects base salaries for roles in the San Francisco market. For candidates in other locations, compensation is adjusted to remain competitive within their local market.
In addition to the base salary, all full-time team members receive an additional 10% to 25% in liquid benefits with upside based on role, experience, and impact. We believe in building together and sharing in the long-term success of the network. Compensation packages are designed to be competitive and aligned with the growth of both the team and the ecosystem.
Let’s build the first Universal Blockchain together.
ZetaChain
US Timezones