Cybersecurity Analyst – Smart Contract Security Testing

Job Description

Role: Cybersecurity Analyst – Smart Contract Security Testing

Location: Pune, India (Hybrid / Remote)

Experience: 2-5 years

About the Role

We are seeking a Cybersecurity Analyst specializing in Smart Contract Security to perform security audits, penetration testing, and vulnerability assessments for blockchain-based applications .

The role focuses on identifying vulnerabilities defined in the OWASP Smart Contract Top 10 , ensuring the security of decentralized applications (dApps), DeFi protocols, and smart contracts deployed on EVM-based blockchains.

The ideal candidate will have experience in smart contract auditing, Web3 security tools, and blockchain protocols .

Key Responsibilities

1. Smart Contract Security Testing

• Perform manual and automated security testing of smart contracts.
• Identify vulnerabilities aligned with OWASP Smart Contract Top 10 including:
• Reentrancy attacks
• Integer overflow / underflow
• Timestamp dependence
• Access control vulnerabilities
• Front-running attacks
• Denial-of-service risks
• Logic errors
• Insecure randomness
• Gas limit vulnerabilities
• Unchecked external calls
• Conduct code reviews of Solidity and smart contract architectures .

2. Security Audits

• Perform full smart contract security audits before deployment.
• Analyze contracts interacting with:
• ERC20
• ERC721 / ERC1155
• DeFi protocols
• Oracles
• Layer-2 networks.
• Evaluate upgradeability patterns, proxy contracts, and governance mechanisms .

3. Automated Security Analysis

Use and maintain automated tools such as:

• Slither
• Mythril
• Echidna
• Foundry / Forge
• Manticore
• Securify
• Oyente

Conduct:

• Static analysis
• Symbolic execution
• Fuzz testing
• Gas usage analysis.

4. Penetration Testing

• Simulate attack scenarios against smart contracts and dApps.
• Test vulnerabilities such as:
• Flash loan attacks
• Oracle manipulation
• Front-running / MEV attacks
• Reentrancy exploits
• Conduct adversarial testing against deployed contracts.

5. Security Reporting

• Produce professional audit reports including:
• Vulnerability description
• Risk severity
• Exploit scenario
• Recommended remediation
• Work closely with developers to resolve vulnerabilities.

Required Skills

Blockchain & Smart Contracts

• Solidity
• Ethereum Virtual Machine (EVM)
• ERC token standards
• Hardhat / Foundry / Truffle

Security Knowledge

• OWASP Smart Contract Top 10
• Smart contract attack vectors
• Cryptography basics
• Blockchain consensus models

Security Tools

• Slither
• Mythril
• Echidna
• Foundry
• Tenderly
• Remix debugging tools

Preferred Experience

• 2–5 years experience in cybersecurity or blockchain security
• Experience auditing DeFi or Web3 protocols
• Understanding of MEV and DeFi attack vectors
• Experience reviewing large Solidity codebases

Nice to Have

• Bug bounty experience (Immunefi / HackerOne)
• Participation in Web3 security audits
• Experience with:
• Layer 2 (Arbitrum / Optimism)
• Cross-chain bridges
• Zero knowledge systems

Education

Bachelor's or Master’s degree in:

• Cybersecurity
• Computer Science
• Information Security
• Blockchain Technology

Relevant certifications:

• CEH
• OSCP
• Certified Blockchain Security Professional

Deliverables

The analyst will be responsible for producing:

• Smart contract audit reports
• Security testing documentation
• Risk mitigation recommendations
• Secure coding guidelines for developers