Senior Blockchain Security Consultant

We're seeking an exceptional blockchain security consultant for a high-impact engagement focused on Agent SDK security, digital identity systems, and embedded banking infrastructure. You'll lead penetration testing, threat modeling, and code review on decentralized technologies built in Rust, delivering findings that drive real security improvements.

Key Responsibilities

You'll conduct a multi-phase security assessment starting with API penetration testing on an Agent SDK. This means enumerating endpoints, mapping functionality, and systematically exploiting weaknesses in authentication, authorization, and data access controls. You're hunting for authentication bypass, IDOR vulnerabilities, and business logic flaws that can be chained for maximum impact.

  • Conduct API penetration testing using OWASP API Security Top 10 and CWE Top 25 frameworks
  • Review Rust code to identify cryptographic weaknesses, input validation gaps, and supply chain risks
  • Lead threat modeling workshops using STRIDE and OWASP frameworks with development teams
  • Assess Self-Sovereign Identity protocols including credential verification, DIDComm, and verifiable credentials
  • Evaluate multi-tenant banking architecture, KYC processes, and authentication flows (OAuth, HMAC, JWT)
  • Deliver detailed technical reports with executive summaries and actionable remediation guidance

Beyond finding vulnerabilities, you'll facilitate threat modeling sessions that help teams understand their threat landscape and prioritize security improvements. Your documentation needs to work for multiple audiences: technical teams need remediation details, executives need business impact, and compliance teams need attestation materials.

Qualifications and Skills

You have serious blockchain and Web3 security experience. You've conducted API penetration tests where you chained vulnerabilities to demonstrate real business impact. You're proficient in Rust and can read codebases to spot security issues that automated tools miss. You communicate exceptionally well, writing reports that technical teams respect and executives actually read, and you've facilitated productive threat modeling sessions that lead to actionable improvements.

Required Skills:

  • 5+ years in cybersecurity with proven blockchain/Web3 security expertise
  • Strong API penetration testing background with documented findings
  • Rust programming proficiency and security code review experience
  • Deep knowledge of Self-Sovereign Identity protocols (DIDComm, verifiable credentials, OIDC for VC)
  • Expert-level understanding of OWASP frameworks and threat modeling methodologies
  • Experience with financial technology, KYC processes, and multi-tenant architectures
  • Portfolio demonstrating blockchain security work (research, assessments, or contributions)


© Kustos 2024