Spearbit & Cantina: Secure the Future of Web3
Founded in 2021 by former Ethereum Foundation Solidity engineers, Spearbit is at the forefront of Web3 security. Our team built the leading blockchain language and secured the largest smart contract, protecting over $160B in value. We're not just building a company; we're building a safer Web3.
We're building Cantina—the "GitHub for Security"—connecting top-tier security researchers with projects that need their expertise. Our Cantina security platform already powers major competitions and serves the leading projects in Web3. It currently supports collaborative security reviews, public and private security competitions, bug bounty programs, incident response, and AI-powered code analysis.
Just as cloud-security startups emerged to define the security landscape for cloud computing, Cantina aims to be the definitive code-security platform for the future of Web3.
Your Mission: EVM Incident Response Engineer
As our first dedicated EVM Incident Response Engineer, you'll be the frontline guardian for our EVM product alerts. This critical role involves investigating issues, reproducing complex behaviors, collaborating with internal teams during high-stakes "war rooms," and ensuring the continued resilience of our systems. You'll be directly impacting the security of the Web3 ecosystem.
What You'll Do:
Meet and exceed client SLAs by rapidly identifying, analyzing, and resolving critical incidents.
Dive deep into the EVM: decode transactions, logs, and traces to precisely reproduce behavior using Foundry/Hardhat and lightweight Proof-of-Concept exploits.
Collaborate seamlessly with protocol, backend, and risk teams during incident response scenarios, ensuring a unified and effective approach.
Proactively maintain and continuously improve our playbooks, dashboards, and alerting systems.
Stay ahead of the curve by monitoring upstream changes (EIPs, dependency updates, oracle/bridge updates) and proactively highlighting potential product risks.
Deliver concise, insightful incident briefs and thorough post-mortems with actionable recommendations for continuous improvement.
What You Bring:
Deep EVM expertise, including proficiency in Solidity and Python.
Advanced debugging skills utilizing tools such as Foundry/Anvil, Hardhat, Tenderly, and Phalcon.
Exceptional written communication skills, coupled with structured problem-solving abilities and unwavering composure in high-pressure situations.
Flexibility to participate in a nights/weekends on-call rotation, ensuring 24/7 security coverage.
Bonus Points (Nice to Have):
Prior experience in Web2 on-call/SRE roles, managing production incidents, utilizing paging systems, and conducting post-mortem analyses.
Experience with Dune/SQL or The Graph for rapid and efficient data analysis.
Familiarity with Chainlink and other oracles, cross-chain/bridge flows, Layer 2 stacks (Optimism, Arbitrum, etc.), or non-EVM chains (e.g., Solana).
Previous experience in incident response or security research.
Perks & Benefits:
Competitive salary and performance-based compensation, rewarding your contributions to our success.
The opportunity to be a key player in an early-stage startup, working alongside a talented and passionate team dedicated to Web3 security.
Exposure to high-profile clients in the blockchain and cryptocurrency industry, shaping the future of decentralized security.
Join Spearbit and be a part of building the future of code security for Web3!