Security Engineer - Cosmos

Informal Systems is a full-suite Research & Development institution. We work on bold research problems at the intersection of formal verification and distributed systems and develop high-value distributed systems infrastructure in Rust.

The Cosmos technology stack, including Tendermint Core, the Cosmos-SDK, IBC, and the Cosmos Proof of Stake modules, is an industry leading Go toolkit for building, deploying, and running community owned decentralized networks that secures upwards of $100B in cryptocurrency market cap.

As a Security Engineer in Cosmos, you will work with teams across the stack on rigorous and high-caliber reviews, tools, processes, and testing regimes to guarantee the quality of the software and the security of the networks that run it.

Responsibilities

  • Review critical sections of the codebase for security vulnerabilities, deviations from specification, and other bugs
  • Improve, develop, and apply tools to automate discovery of vulnerabilities
  • Improve existing tests and develop new tests to increase coverage
  • Improve the existing state simulation framework and work with research teams to increase its capabilities
  • Work with research teams to apply new formal verification tools to the codebase, like Model-Based testing
  • Develop tools and processes to improve and maintain alignment between software and specifications
  • Participate in scoped audits of internal and external codebases
  • Participate in the security incident response team
  • Improve the correctness, code-quality, and quality assurance of the software.
  • Contribute clean, well tested, and well documented code.
  • Review issues and pull requests and provide valuable feedback to contributors.
  • Mentor other engineers and support the growth and health of the team.
  • Guard the quality of the software from technical debt, missing tests or documentation, and feature creep.
  • Nurture a safe and enjoyable open source experience for contributors.

Skills

  • At least 5 years developing, releasing, and maintaining production software.
  • At least 3 years with explicit focus on security and/or testing
  • Experience with modern security, fuzzing, and testing tools
  • Significant experience writing and reviewing production Go or blockchain-relevant software.
  • A track record of discovering security vulnerabilities
  • Experience with complex numerical deterministic state transition machines.
  • A deep understanding of computer science and security fundamentals.
  • The ability to take ownership and see initiatives through.
  • Excellent interpersonal skills, experience working with distributed teams, and enjoys working with and mentoring others.

About Informal:

Informal is a remote-first company with offices in Toronto, Lausanne, Vienna and Berlin. We are structured like a worker’s cooperative, where important corporate actions are subject to one-person-one-vote democratic control by the member-employees. We provide 5-weeks of paid vacation, lifestyle benefits, and annual retreats with the whole team. We envision a sustainable future of cooperatively owned and governed, open-source, distributed organizations running on reliable distributed systems and are excited to grow the team with amazing individuals who believe in making this future a reality.

Details:

  • Location: Berlin, Toronto, Lausanne, Vienna, Paris, Remote
  • Job Type: Full-time

To Apply:

Please apply via this this Google form where you’ll be prompted to upload a cover letter, CV, and other information that will help the review process go smoothly.

We are an equal opportunity employer and value diversity in our organization. We are committed to equal employment opportunities and encourage applications from people of all race, religion, colour, national origin, gender identity, sexual orientation, age, marital status, veteran status, or disability status.