From the code to the values, we are Ethereum-aligned. We believe Ethereum has the potential to solve some of humanity’s most crucial coordination issues. Since our initial inception as a non-profit research group, we have sought to scale both its technology and values.
At present the most pressing bottleneck to the growth of Ethereum is its performance and scalability. We are building the most elegant solution to this problem; Optimism's network improves Ethereum's performance by orders of magnitude. We do this out in the open because we believe in open source and its ability to accelerate innovation. We believe the future of the open internet is too important to be left to chance. By operating as a Public Benefit Corporation, OP Labs is able to align its private incentives with public good and take positive-sum steps to provide a sustainable future for the internet.
The OP Labs security team is looking for a passionate and innovative protocol security engineer. The person joining the team will be building tooling and platforms to secure the Superchain and help both the OP Labs engineering team and other core devs in the Collective securely ship protocol and ecosystem changes.
What are the role responsibilities?
A successful candidate in this role should excel in one or more of the following areas:
- Own and deliver improvements to the Superchain’s incident response tooling and infrastructure, such as our ImmuneFi Bug Bounty, Superchain’s “Big Red Pause Button”, and detection and response of onchain incidents (e.g. faulty withdrawals and bridge hacks).
- Own and deliver improvements to the Superchain’s Deployment Safety tooling and infrastructure, such as our superchain-ops and superchain-registry repositories, op-upgrade deployment tooling, deployment risk analyzers, and changes to the protocol itself towards safer protocol upgrades.
- Own and deliver improvements to the Superchain and OP Stack’s DevSecOps effort, including formal analysis, integration/invariant/fuzz testing infrastructure, and tools to enforce secure coding styles.
- 3+ years of experience in a software or security engineering role.
- 2+ years of experience in protocol and smart contract security.
- Deep knowledge of Ethereum and the EVM required.
- Strong grasp of computer science and distributed systems fundamentals required.
- Prior experience in incident response, deployment safety or DevSecOps for a large protocol.
- Experience breaking complex smart contract & client systems into modular components to limit blast radius of security vulnerabilities.
- Must be an excellent written communicator. Comfortable writing clear and concise documents that the rest of the team can consume and implement.
- Detail oriented. Must be comfortable identifying issues regardless of how small, and helping team triage issues.
- High agency. This person must be able to proactively identify issues and improvements, and then fix them. The team shouldn’t have to hand-hold successful candidates.
What you'll like about us:
- We take care of our employees—from fully paid medical, dental and vision to a 4% 401K match, we've got you covered—learn more about our benefits, culture and all recruiting FAQ here.
- We take pride in the accomplishments of our teammates and support each other in doing the best work of our careers.
- Our team is a diverse group of people from a variety of backgrounds and interests. We cherish our eclecticism and consider it a great strength.
- We have a transparent, feedback-driven and fun-centric culture.
- We are a team of builders—our founding team has been working on Ethereum scalability since 2015.
We strongly encourage candidates of all different backgrounds to apply. We believe that our work is stronger with a variety of perspectives, and we’re eager to further diversify our company. If you have a background that you feel would make an impact at Optimism, please consider applying. We’re committed to building an inclusive, supportive place for you to do the best work of your career.