
Security Researcher
Job Description
Security Researcher at Spearbit
About the Role
Spearbit is seeking a talented and experienced Security Researcher to join our growing team. You will play a critical role in ensuring the security of cutting-edge blockchain protocols and smart contracts.
Responsibilities:
- Conduct in-depth security reviews of smart contracts, protocols, and blockchain infrastructure.
- Analyze protocol designs and identify potential vulnerabilities across DeFi primitives, tokenomics, governance, MEV, bridges, and ZK systems.
- Collaborate with other researchers and protocol developers to provide actionable recommendations and mitigate risks.
- Reproduce exploits, write proof-of-concepts (POCs), and contribute patches when necessary.
- Publish post-mortems, technical articles, and internal reports to share knowledge and contribute to the security community.
Qualifications:
- Proven experience auditing complex smart contracts and a deep understanding of Solidity, EVM behavior, and common vulnerability classes.
- Strong analytical and problem-solving skills with a passion for identifying and mitigating security risks.
- Excellent communication and collaboration skills, with the ability to clearly articulate technical findings to both technical and non-technical audiences.
- A track record of contributing to open-source projects, publishing security research, or participating in bug bounty programs.
- Alignment with Spearbit's values of decentralization, cryptographic innovation, and building resilient systems.
Preferred Qualifications:
- Experience with cross-chain protocols, bridging, rollups, or ZK systems.
- Familiarity with Ethereum security tooling (Foundry, Echidna, Slither, etc.).
- Experience writing or reviewing technical specifications or protocol documentation.
What We Offer:
- Competitive compensation and benefits package.
- Opportunity to work on cutting-edge projects and collaborate with leading researchers in the industry.
- A dynamic and collaborative work environment that values innovation and knowledge sharing.
Qualifications
Required:
- Proven experience auditing complex smart contracts with a deep understanding of Solidity, EVM behavior, and common vulnerability classes (e.g., reentrancy, logic flaws, gas griefing, access control).
- Strong analytical skills with the ability to model systems end-to-end and identify attack surfaces across DeFi primitives, tokenomics, governance, MEV, bridges, and ZK systems.
- Excellent written and verbal communication skills to effectively convey technical findings and recommendations.
- Demonstrated ability to reproduce exploits, write proof-of-concepts (POCs), and contribute to security patches.
- Credible track record in the security research community through contributions to open-source projects, publications, bug bounty programs, or participation in Capture the Flag (CTF) competitions.
Preferred:
- Experience auditing production smart contracts in solo or team settings.
- Familiarity with cross-chain protocols, bridging, rollups, or ZK systems.
- Experience with Ethereum security tooling (Foundry, Echidna, Slither, etc.).
- Experience writing or reviewing technical specifications or protocol documentation.
Bonus:
- Prior experience in formal audits with reputable firms (e.g., Spearbit, Zellic, Trail of Bits).
- Familiarity with the Cantina Platform.
- Lead reviewer experience or ability to manage a team of researchers.
- Contributions to open-source security tooling.
- Security publications, conference talks, or technical blog posts.
Key Responsibilities
- Conduct in-depth security reviews: Analyze smart contracts, protocols, and blockchain infrastructure for vulnerabilities.
- Identify attack surfaces: Evaluate protocol designs across DeFi primitives, tokenomics, governance, MEV, bridges, and ZK systems to pinpoint potential weaknesses.
- Provide actionable recommendations: Deliver clear, concise reports outlining vulnerabilities and their potential impact, including technical and business implications.
- Reproduce and demonstrate exploits: Demonstrate identified vulnerabilities through proof-of-concept (POC) development and, when applicable, contribute patches.
- Contribute to knowledge sharing: Publish post-mortems, technical articles, and internal reports to foster a culture of continuous learning and improvement.
- Collaborate effectively: Work seamlessly within a pod or curated team with other senior researchers and protocol developers.
Selection Process
Spearbit Security Researcher Hiring Workflow
1. Application Review: AI-powered screening analyzes resumes and cover letters for relevant keywords, experience, and skills outlined in the job description.
2. Technical Assessment: Candidates complete a coding challenge focused on smart contract security, evaluating their understanding of Solidity, EVM, and common vulnerabilities.
3. Portfolio Review: Candidates submit a portfolio showcasing their previous security research, bug bounties, audits, or open-source contributions.
4. Interview Rounds:
   - Initial Screening: A brief phone interview with a recruiter to discuss experience and motivations.
   - Technical Interview: A deep dive into technical skills and problem-solving abilities with a senior security researcher.
   - Culture Fit Interview: An interview with a team member to assess collaboration style and alignment with Spearbit's values.
5. Final Decision: The hiring team reviews all assessment results and interview feedback to select the most qualified candidate.
This streamlined process ensures a thorough evaluation of technical expertise, experience, and cultural fit, ultimately identifying the best Security Researcher for Spearbit.
How to Apply
To apply for a job, read through all information provided on the job listing page carefully.
Look for the apply link on the job listing page.
Clicking on the apply link will take you to the company's application portal.
Enter your personal details and any other information requested by the company in the application portal.
Pay close attention to the instructions provided and fill out all necessary fields accurately and completely.
Double-check all the information provided before submitting the application.
Ensure that your contact information is correct and up to date, and that your application accurately reflects your qualifications and experience.
Important Note
Submitting an application with incorrect or incomplete information could harm your chances of being selected for an interview.
About Spearbit
Spearbit is a leading security research firm specializing in the blockchain and decentralized finance (DeFi) space. We are dedicated to building a more secure and resilient web3 ecosystem by identifying and mitigating vulnerabilities in smart contracts, protocols, and blockchain infrastructure.
Our team of experienced security researchers combines deep technical expertise with a passion for innovation. We leverage cutting-edge tools and methodologies to conduct rigorous security audits, penetration testing, and vulnerability assessments. Spearbit's commitment to knowledge sharing is reflected in our active participation in the open-source community and our publication of technical research and insights.
We believe in empowering developers and projects to build secure and trustworthy decentralized applications. By partnering with Spearbit, you gain access to a team of experts who are dedicated to helping you navigate the complexities of blockchain security.