Security Engineer Protocol Contract Runtime
Job Description
Pagoda is the first-ever Web3 Startup Platform where developers and entrepreneurs can build, launch, and operate new blockchain-based products and services. As a primary builder of the NEAR Protocol, Pagoda delivers capacity, velocity, simplicity, and affordability needed to power tomorrow’s Web3 startups.
We are looking for an innovative, empathetic, and productive person who is excited about building the next generation of crypto startups, feels comfortable challenging opinions, and most importantly who shares with us the same desire to make the web free again.
We encourage people of all backgrounds to apply. Pagoda is committed to creating an inclusive culture, and we celebrate diversity of all kinds.
What You’ll Get For Joining:
- Unlimited Annual Leave / PTO
- $2,000 Yearly Continued Education Reimbursement
- $2,000 Home Office Setup Reimbursement
- Yearly Company Retreats (2022 in Lisbon!)
- Paid Holiday Week: the last week of the year
- Paid Summer Wellness Week: the first week of July
- Mental Health Support and access to licensed therapists through Spill, 100% paid by us
About The Role:
Pagoda is shepherding a future where NEAR becomes the blockchain operating system. We believe that re-inventing how software is made and distributed is our greatest opportunity to open economic access to those who are not fully integrated into the global economy. Our products empower people to find opportunity, invent new experiences, and collaborate. Let’s build an Open Web world. A world where people control their assets, data, and power of governance.
Pagoda’s growing security team is looking for a Security Engineer to partner with our Protocol, contract runtime team. This position will be primarily responsible for identifying, analyzing, solutioning, and accounting for security as it pertains to NEAR’s contract runtime; embedded within Pagoda’s contract runtime team and reporting to Pagoda’s CISO.
As Security Engineer you will work closely with the contract runtime team to make sure that NEAR’s WebAssembly runtime is secure, robust, and performant. You will work on the security of WebAssembly compilers and NEAR’s smart contract execution environment.
A core component of the NEAR blockchain is a WebAssembly virtual machine (https://github.com/near/wasmer/) that runs in a completely trustless and fully deterministic mode, as it executes smart contracts implemented in WebAssembly-friendly languages (Rust and Javascript, for example) using a fast compiler.
Performance and safety optimizations of WebAssembly VMs/compilers are a primary focus of Pagoda’s runtime team. This enhances not only the NEAR blockchain, but the entire WebAssembly ecosystem.
What You’ll Be Doing:
- Supporting the Protocol team to solve cutting-edge compiler and VM problems related to safe, deterministic and high-performance compilation and execution
- Set up testing infrastructure to ensure the security of contract runtime
- Security audit of the contract runtime code
- Handle security vulnerability reports that are related to contract runtime
- Analyze risk and maintain a registry and remediation/improvement roadmap as it pertains to the contract runtime and WebAssembly.
What We’re Looking For:
- Development or software engineering experience and a deep passion for information security
- Strong security engineering background and programming experience
- Experience with a modern system programming language (eg C++, Rust)
- Demonstrated experience evaluating code for vulnerabilities and weaknesses
- Familiarity with low-level programming, operating systems, and virtual machines, experience with WebAssembly is a plus
- Practical experience of security analysis tools such as: fuzzing, SAST scanners, linters etc
- Experience in securing large scale distributed systems
- Strong communication skills and ability to work with remote teams
- Results & goal orientated
We’d Love If You Have:
- A passion for security and Web3
- Experience in a start-up environment
Here’s What Our Interview Process Looks Like:
Depending on calendar availability, from the first stage to the final stage, we do our best to keep the entire process to under three weeks. Our interviews take place via Zoom and typically consists of the following stages:
- Internal Recruiter Call (30 minutes)
- Meet with the Hiring Manager (30-45 minutes)
- Technical Interviews (3 x 60 minutes)
- Pagoda Interview (30 to 45 minutes)
Please let us know if you require any special requirements for your interview and we’ll do our best to accommodate.
Ideal Location For This Role
This is a fully remote role, so that your timezone matches or overlaps with our leadership for this role, you’ll ideally be located in the United States or Europe.
Our Values at Pagoda
Innovate and deliver—so our customers can build.
We deliver new solutions for real, often urgent, customer needs. Practical over hype. We uphold our standards of excellence while balancing velocity and pragmatism.
Focus precious time and energy on what matters.
We are intentional about where we aim our resources. We channel our talents to focus on the critical missions in order to make an outsized impact.
Favor ownership, agency and action.
Everyone is an owner. As individuals, we are responsible and accountable for our work. We empower builders to make decisions and innovate without the burden of unnecessary roadblocks or complexity.
Work as a team of empathetic humans.
We practice mutual respect, open communication, humility and collaboration. We are kind and empathetic. We are welcoming towards diversity in all forms, including differences of perspective.
Never break trust.
Integrity is rare—and valuable—in this space. Reputation is hard to build and easy to break.