Senior Protocol Security Engineer
Requirements
• 5+ years of engineering experience in Web3, with smart contracts running in production.
• Strong hands-on experience with smart contract security, including audits, reviews, or protocol design.
• Solid understanding of protocol-level threat models, including MEV and oracle manipulation, governance and economic attacks, and composability or systemic risk.
• Experience working with external auditors, security reviews, or certification processes.
• Familiarity with bug bounty programs and vulnerability disclosure workflows.
• Excellent communication skills, with the ability to explain complex security topics to both technical and non-technical stakeholders.
• CTF and bug bounty track record.
• Contributions to open-source security or smart contract tooling.
• Fluent (written and spoken) in both French and English.
Responsibilities
• Protect Kiln’s production protocols across Kiln Onchain (dedicated staking and liquid staking protocols), Kiln DeFi (ERC-4626 vaults built on top of lending and RWA protocols), and Railnet (vault and validator infrastructure).
• Design and execute smart contract security testing, including invariants, fuzzing, and exploratory formal verification.
• Perform internal smart contract security audits and provide clear, actionable remediation guidance.
• Own security sign-off for smart contract releases and act as a key decision-maker on security trade-offs.
• Contribute to protocol-level threat modelling, including economic, governance, and composability risks.
• Build and maintain smart contract security tooling: contract inventory, governance automation, monitoring, and alerting in production.
• Continuously improve Kiln’s smart contract security framework, aligned with business growth, protocol complexity, and compliance requirements.
• Act as the primary point of contact for smart contract security at Kiln, coordinating with external auditors and supporting security certifications.
• Partner closely with Protocol, EVM, Infrastructure, and Product teams to embed security into design reviews, CI/CD, testing, and release workflows.
• Smart Contracts (EVM): Solidity, Vyper, Foundry, Certora
• Software: Python, Golang
• Infrastructure: AWS, Kubernetes, Web3Signer, HashiCorp Vault, Prometheus
Benefits
• Equity options mentioned as part of compensation: "Equity."
• Paid time off is included under benefits with a specific amount provided for PTO: "PTO - up to 20 days per year, including holidays and sick leave."
• Insurance coverage offered through Kiln's health plan.
• Perks such as free food are mentioned in the job posting.
• Remote work options available at least part of the time: "Remote Work Options - Flexible remote schedule with a minimum requirement to be onsite 2 days per week."