< Go back

Security Lead at Web 3 Foundation

Zug | Engineering | Full-time | Updated: April 30, 2019, 8 p.m.

Job Description

Resilience is one of the most important characteristics of decentralised technologies, so in order to safeguard high quality and good practices in Web3 community, we are looking for an outstanding Security Specialist.

Web3 Foundation accelerates the development and adoption of the decentralized web. We’re providing the framework and setting the standards for an ecosystem so that the most cutting-edge projects can work together, multiplying their benefit to society as a whole.

We’re building the future of identity, privacy, financial markets and commerce through blockchain and other cryptographic technologies. At the core of this work is Polkadot - a platform that enables blockchains of all kinds to interact and communicate with one another. This is an opportunity to work at the forefront of technological development and join in shaping the future of society for the better.


Security is at the heart of decentralised protocols and applications. Extensive reliance on correct implementation and good user practices necessitates that we spend sufficient time on Security in the Web3 ecosystem.

Web3 Foundation aims to ensure that crucial projects and networks are sufficiently reviewed and monitored, as well as any developers and users are aware of best security practices. The Security team will be responsible for the initiatives that allow us to achieve those goals together with our open source community.

We hire at various levels of experience so feel free to apply even if you don’t fulfil all the requirements yet. We are a lean team with a flat organisation. The company is based in Zug, Switzerland, but candidates working remotely in the European timezone will be considered as well.

Initiate and oversee external code audits performed by the Foundation

Develop and run the bug bounty program and other community security initiatives

Establish security processes within the Foundation

Create guidelines and tools for the community to ensure development of secure software

Work with DevOps and Research team to put in place monitoring systems to ensure security of live networks

Contribute to the grant review process to ensure funding for projects crucial to security of the Web3 ecosystem

Review the security aspects of projects that the Web3 Foundation interacts with or supports

Experience in development and enforcement of security best practices and incident response processes

Experience with engaging external experts such as auditors or pen testers

Ability to write accessible guides and security tooling

Understanding of decentralised technologies, especially blockchain

Understanding of Open Source community and bug bounty programs

Minimum of 3 years working as an information security professional


Experience with monitoring live global systems

Understanding of signature schemes and other cryptographic primitives used in decentralized technologies
Experience with creating security tools related to blockchain

Familiarity with Rust, Go and Javascript

Familiarity with international standards (e.g. ISO 27001/2)

To apply to this position, we ask you to answer a few questions in the application form, and to submit your CV and a cover letter, telling us a bit about yourself and your motivation to join us.

For more information about us, visit us on

Web3 Foundation website: https://web3.foundation/

Polkadot website: https://polkadot.network/

Github: https://github.com/w3f/polkadot-overview

Login to request intro Apply on website