We’re looking for an inventive, highly intelligent, detail-oriented person to put the code security of our virtual machine through the wringer. This won’t be a case of applying off-the-shelf software and typical penetration techniques; you’ll need to come up the curve on how our system enables the deployment and short-lived execution of third-party code, get your head around the types of attacks which are expected to occur, comprehend the system invariants we have established, and then do your best to break them.
Expect to account for fuzzing, malicious code injection, privilege escalation, overflows of every stripe, and the bugbear of non-determinism. The attack surface is wide and there’s lots of fun to be had, but the good news is that we have a host of top-flight people who has thought about this stuff a lot.
You will be joined at the hip with the finest development team you have ever worked with, you’ll bend your brain in new and interesting ways, and learn a ton of cool stuff. Best of luck explaining to Mom what it is you do for a living! There won’t be many people in the world who you’ll be able to talk shop with, but we’re a tight-knit crew and there’s never a dull moment around here.
What are we looking for?
- You like researching vulnerabilities, but find that the real fun is in actually coding up attacks and attempting to break things.
- You have a solid understanding of how programs get built and executed in general computing environments. With ten minutes’ warning you could give a little talk about parsers, compilers, interpreters, heaps, stacks, program counters, and the like.
- You’re patient, thorough, and good at coming up with edge cases that don’t occur to others.
- You have done and like to do demonstrably hard things.
- You enjoy talking through tough problems with smart people, and are happy to accept ideas and approaches that you didn’t personally come up with.
What do you need?
- Experience with low-level system testing/hardening, offensive or defensive.
- Understanding of how stack-based machines operate.
- Experience with WebAssembly is a big plus, though not a requirement.
Who are we?
At RDX Works, we're a team of like-minded thinkers who have long been convinced that we're living in the earliest stages of a global financial revolution. This revolution is being fuelled by decentralized finance (or DeFi for short), which is enabling an assortment of pioneering developers and entrepreneurs to re-invent almost every financial product that is currently traded and invested in traditional markets, without requiring central authorities or siloed infrastructure. DeFi has captured a great deal of attention and investment in the crypto-aware niche, growing assets under management from $1 billion to over $200 billion in a few years. Impressive as its growth has been, its current market size isn't even a rounding error on the over $400 trillion held in traditional finance. We're focused on what it will take to go from billions to trillions.
RDX went back to first principles to come up with the right technical solution—the first layer-one protocol built specifically for mainstream DeFi—and we have already tested out at over 1 million transactions per second. We're keenly aware that the need for an infinitely scalable platform is only one prerequisite among many for mass adoption, and we're also blazing new ground in the areas of purpose-built developer tools, user experiences, and regulatory integration.
We have forged a path deep into the future of what distributed ledger technology is going to look like and we need you to come and be part of the team that is making that happen right now.
If this job sounds like it was made for you, then please apply directly via the link or if you don’t have an up to date CV to apply with, contact [email protected] for more information.
Check out our company benefits here - RDX Works Benefits
Alternatively, if you feel like you don’t match all of the requirements, we would love you to still apply anyway. We understand that confidence gaps and imposter syndrome can get in the way of meeting incredible candidates and we wouldn’t want this to prevent us from meeting you; especially as we are big advocates of helping people learn & grow. This is also another reason we do not advertise salaries, we want to keep it as even a playing field as possible!