Security Lead

Scroll is a Layer 2 scaling solution for Ethereum, specifically focusing on zkRollups. Key aspects of Scroll are zkRollup technology, Scalability, Efficiency, Security, and Developer-friendly. Overall, Scroll plays a crucial role in addressing Ethereum’s scalability challenges and facilitating the growth of decentralized finance (DeFi) and other blockchain-based applications by providing a scalable and efficient Layer 2 solution.

At Scroll, we operate on the bleeding edge of a fast-moving frontier of zk technology, research and innovation. The Application Security Engineer will be responsible for improving the zkEVM-based zkRollup security, ensuring that Scroll is one of the safest Layer 2’s for projects and users. The role is ideal for an individual who thrives in a start-up environment, a self-starter that is dynamic and comfortable to take on responsibilities and can work effectively within a remote setup.

Responsibilities: 

• Establish and maintain security best practices, policies, and procedures across the organization
• Develop and implement the overall security strategy for Scroll’s infrastructure, including the node operations, cloud instances, onchain activities, and associated systems
• Oversee the bug bounty program, including final decision-making on bug severity and rewards
• Lead security incident response and coordinate with relevant teams during critical situations
• Lead security reviews of major protocol upgrades and new feature implementations, and coordinate the audit process with external security vendors and audit firms
• Work closely with engineering team to ensure security is built into the development lifecycle from the ground up
• Build and maintain relationships with external security researchers, auditors, and the broader security community
• Represent Scroll’s security initiatives in the broader blockchain community through speaking engagements and technical content

Requirements: 

• 5+ years of experience in blockchain security, with experience in a leadership role
• Knowledge of Solidity, EVM, Layer 2 scaling solutions, and blockchain
• Experienced in security standards, tools, key management, and cloud security
• Proven track record of building and leading security teams in a fast-paced environment
• Proven ability to communicate complex security concepts to both technical and non-technical stakeholders
• Excellent project management skills and ability to coordinate multiple security initiatives simultaneously

Nice to Haves:

• Contributions to major blockchain security tools or frameworks
• Experience securing other Layer 2 solutions or ZK systems
• Experience with zk proof systems and circuits (r1cs, plonkish, AIR, stark, etc.)
• Track record of publishing security research or contributing to blockchain security standards
• You have successfully participated in a bug bounty program, either as a manager or reporter.
• Previous experience working in the crypto or blockchain space, with a focus on protocol security.

What We Offer

• Mission-Driven, Collaborative, and Innovative Environment: Join a team united by a shared vision, working with like-minded individuals and cutting-edge technology to advance Ethereum and blockchain innovation.
• Comprehensive Compensation and Remote Flexibility: Benefit from a competitive salary package and generous discretionary benefits, while enjoying the remote work from anywhere with flexible hours. Additionally, receive support for your workspace with a home office setup allowance and monthly co-working membership stipend.
• Remote Hiring: For team members outside the US, UK, Canada, and Hong Kong, we engage under an independent consulting arrangement, offering the flexibility of payment (in Fiat, USDC, or etc).
• Private Healthcare Benefits: Private healthcare benefits through the Employer of Record (EoR) are only available in the US, UK, Canada, and Hong Kong.

Scroll is proud to be an equal opportunity workplace. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need, please let us know and we’ll do our best to accommodate.

Apply now >