Engineering Security Lead
About Heliax
Heliax is a remote-first public goods lab which researches, develops, deploys, and maintains open-source protocols and mechanisms designed to serve the everyday needs of humanity. Using this, we build vertically integrated open-source products and networks that form coherent open systems which are capable of acting as an alternative to existing exploitative paradigms.
Heliax’s work includes Anoma, the universal intent machine introducing a new era of intent-centric applications; and Namada, the shielded asset hub for multichain, multi-asset data protection, designed to give people full control over sharing their personal information.
Role Overview
- Support our research and engineering teams in designing and building secure systems. We are working on problems which touch on distributed and peer-to-peer systems, virtual machines and programming language implementation, cryptographic protocols, networking protocols, and holistic integration into operating systems. We mainly use elixir/erlang and rust as implementation languages.
- Whitebox assessment of component security, e.g. cryptographic protocols and distributed / replicated state machines.
- Whitebox security assessment of the integration of components, e.g. helping verify that abstractions are well defined, interfaces line up, and that we are not accidentally building weird machines.
- Assess the security engineering practices of the development process and help improve them where needed.
- Personally audit protocol specification and implementation and the correspondence between the two by reading both specification and implementation code.
- Advise on application security matters for user facing components.
Qualifications
- Industry experience in building and testing production systems in one or multiple of the following areas, with a focus on security: communications infrastructure, distributed databases, virtual machines and compilers, blockchain technologies.
- Deep background in at least some of our implementation and research problem fields mentioned above, and basic familiarity with all of them.
- Good skills in communication and collaboration across engineering and research teams.
- Experience in auditing, penetration testing, and breaking distributed internet protocols such as TLS, IBC, and Ethereum smart contracts.
- Mathematical literacy at an undergraduate level.
Misc
Ideally based in or willing to relocate to Berlin, Zug, or London. Must be based in Europe (including UK) and willing to travel to Berlin and/or Zug for initial onboarding. We can help with relocation to Germany (e.g. visa assistance).
Ideally someone who enjoys travel, nature and hiking. Often we find that protocols are best designed not in a meeting room but rather on a trail 🏔️.