Security Lead

At Scroll, we operate on the bleeding edge of a fast-moving frontier of zk technology, research and innovation. The Application Security Engineer will be responsible for improving the zkEVM-based zkRollup security, ensuring that Scroll is one of the safest Layer 2's for projects and users. The role is ideal for an individual who thrives in a start-up environment, a self-starter that is dynamic and comfortable to take on responsibilities and can work effectively within a remote setup.

**About Scroll**
- Scroll is building an open source, bytecode level compatible zkEVM layer 2 solution for Ethereum. Our mission is to scale Ethereum while maintaining our values of credible neutrality, open-ness, and execution.

**Responsibilities**:

- Establish and maintain security best practices, policies, and procedures across the organization
- Develop and implement the overall security strategy for Scroll's infrastructure, including the node operations, cloud instances, onchain activities, and associated systems
- Oversee the bug bounty program, including final decision-making on bug severity and rewards
- Lead security incident response and coordinate with relevant teams during critical situations
- Lead security reviews of major protocol upgrades and new feature implementations, and coordinate the audit process with external security vendors and audit firms
- Work closely with engineering team to ensure security is built into the development lifecycle from the ground up
- Build and maintain relationships with external security researchers, auditors, and the broader security community
- Represent Scroll's security initiatives in the broader blockchain community through speaking engagements and technical content

**Requirements**:

- 5+ years of experience in blockchain security, with experience in a leadership role
- Knowledge of Solidity, EVM, Layer 2 scaling solutions, and blockchain
- Experienced in security standards, tools, key management, and cloud security
- Proven track record of building and leading security teams in a fast-paced environment
- Proven ability to communicate complex security concepts to both technical and non-technical stakeholders
- Excellent project management skills and ability to coordinate multiple security initiatives simultaneously

**Nice to Haves**:

- Contributions to major blockchain security tools or frameworks
- Experience securing other Layer 2 solutions or ZK systems
- Experience with zk proof systems and circuits (r1cs, plonkish, AIR, stark, etc.)
- Track record of publishing security research or contributing to blockchain security standards
- You have successfully participated in a bug bounty program, either as a manager or reporter.
- Previous experience working in the crypto or blockchain space, with a focus on protocol security.

**About You**:

- You are a self-starter and ability to take ownership, well organised, self-disciplined and effective when working autonomously on tasks and projects;
- You are responsive, collaborative and committed person with a high work ethic;
- You are a high class communicator who can articulate their views succinctly on calls or asynchronously in globally distributed, remote teams;
- You relish working in an agile start-up environment;
- You are a great listener who understands when to listen first and engages well with colleagues;
- You are a resilient, driven individual who is willing and able to continually develop and iterate to succeed;

**About You**:

- You are a self-starter and ability to take ownership, well organised, self-disciplined and effective when working autonomously on tasks and projects;
- You are responsive, collaborative and committed person with a high work ethic;
- You are a high class communicator who can articulate their views succinctly on calls or asynchronously in globally distributed, remote teams;
- You relish working in an agile start-up environment;
- You are a great listener who understands when to listen first and engages well with colleagues;
- You are a resilient, driven individual who is willing and able to continually develop and iterate to succeed;
**What We Offer**:

- A mission-led, collaborative culture
- Opportunity to work with cutting edge technology and like-minded people who are contributing to the progression of Ethereum
- Competitive salary package / generous paid time off / annual growth budget
- 100% remote from any location with flexible hours
- Home office set up / co-working membership allowance
- Private healthcare in selected countries
- Scroll is proud to be an equal opportunity workplace. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need, please let us know and we'll do our best to accommodate._