Security & Audit Jobs in Crypto & Web3
Smart contract auditors are the last line of defense before code goes live with user funds at stake. The work means reading contracts adversarially, hunting for reentrancy, access-control flaws, oracle manipulation, and arithmetic and logic bugs that automated tools miss, then writing clear reports that teams can act on.
Auditors typically master Solidity or Rust, use Foundry, Slither, and fuzzing or formal verification, and study every notable exploit closely. Employers and audit firms value a proven track record, whether through published reports, top finishes in audit contests on platforms like Code4rena or Sherlock, or responsibly disclosed bug bounties.
Companies hiring Security & Audit talent
Top skills
Open Security & Audit roles
83 jobsSenior Offensive Security Engineer (IOT / Network Pentesting)
Coinbase · Remote
$112k–$188k
2 months ago
View →
Director, Ecosystem Product Security
Stellar Development Foundation · Remote
$225k–$335k
2 months ago
View →
Technical Success Manager
Zscaler · Remote
$70k–$180k
3 months ago
View →
Staff Site Reliability Engineer-Federal, Security Clearance
Zscaler · Remote
$119k–$170k
3 months ago
View →
DevSecOps Engineer
Alpaca · Remote
$75k–$125k
3 months ago
View →
Lead Security Architect
LI.FI · Remote
$120k–$150k
3 months ago
View →
Internal Audit IT Manager
Coinbase · Remote
$82k–$196k
3 months ago
View →
Senior Application Security Engineer
Consensys · Remote
$90k–$150k
3 months ago
View →
Security & Audit jobs by location
Frequently asked questions
How do I break into smart contract auditing?
Build a track record through audit contests on Code4rena, Sherlock, or similar platforms, study past exploits, and publish writeups. Demonstrated findings matter more than credentials.
Do I need to be a developer first?
Yes, in practice. Auditing requires reading and reasoning about Solidity or Rust at a deep level, so strong contract development skills come first.
What tools do auditors use?
Foundry for testing and fuzzing, static analyzers like Slither, and sometimes formal verification, combined with rigorous manual review of the code.
Browse other categories
SolidityRustTypeScriptReactGolangPythonSmart Contract DeveloperBackend DeveloperFrontend DeveloperDevOps EngineerProduct ManagerMarketingBusiness DevelopmentDesignerDeFiNFTWeb3 GamingInfrastructureEthereumSolanaBitcoinPolygonArbitrumCosmosPolkadotNEARAvalancheAptosSuiBlockchain DeveloperFull-Stack DeveloperMobile DeveloperCommunity ManagerContent WriterData ScientistAI EngineerQA EngineerSalesLegal & ComplianceFinanceZero-Knowledge (ZK)Cairo / StarknetNode.jsDAOTrading & QuantSeniorEntry-LevelNon-Technical