United States
Remote
Mid Level
Full Time
9 days ago
💰$ 129,000 - $ 304,000
blockchainsecurityinvestigationsdecentralized financeDeFionchain analysisincident response
Requirements
- •Deep understanding of the EVM ecosystem, with familiarity across SVM and other non-EVM chains; able to clearly explain transaction structures, calldata, logs/topics, traces, and related onchain mechanics
- •Strong working knowledge of common DeFi protocols, bridges, multisig architectures, and wallet infrastructure
- •Comfortable extracting, analyzing, and interpreting onchain data using block explorers, transaction traces, event logs, and raw RPC responses
- •Ability to build lightweight tooling and scripts to automate investigations, enrich datasets, or analyze blockchain activity
- •Experience conducting blockchain investigations using tools such as Chainalysis Reactor, TRM Labs, Arkham, Nansen, and similar platforms
- •Experience tracing funds across bridges, mixers, and cross-chain protocols
- •Strong written and verbal communication skills, with the ability to synthesize complex technical findings into concise reports and presentations
What You'll Do
- •Conduct blockchain investigations involving exploits, phishing campaigns, laundering activity, bridge incidents, and other onchain threats
- •Trace funds across multiple chains, bridges, mixers, and DeFi protocols to identify patterns, attribution opportunities, and risk exposure
- •Analyze transaction traces, calldata, logs/topics, and RPC-level blockchain data to produce high-confidence investigative findings
- •Build lightweight tooling and scripts to automate repetitive analysis tasks, enrich datasets, and improve investigation workflows
- •Produce concise, high-quality reports and presentations summarizing technical findings for both technical and non-technical audiences
- •Support incident response efforts during active investigations and security events
- •Collaborate with internal teams to improve detection methodologies, operational tooling, and investigative processes
- •Stay current on evolving exploit techniques, threat actor tradecraft, laundering methodologies, and developments across the web3 ecosystem
Nice to Have
- •Experience interacting directly with blockchain RPC endpoints rather than relying solely on third-party APIs and indexing services
- •Familiarity with AI-assisted investigation workflows, automation, and development tooling
- •Experience participating in on-call rotations and supporting incident response operations
- •Familiarity with common exploit patterns, laundering techniques, phishing infrastructure, and threat actor tradecraft
- •Understanding of sanctions screening and attribution methodologies
- •Ability to read and reason about smart contract code (Solidity/Rust preferred)
- •Familiarity with MEV, validator infrastructure, and transaction propagation mechanics
- •Experience querying blockchain datasets via Dune, Flipside, BigQuery, or self-hosted indexers
- •Prior experience in web3 startup environments
About Chainlink Labs
Chainlink is the industry-standard oracle platform bringing the capital markets onchain and powering the majority of decentralized finance.
San Francisco, CA
500-1000
Blockchain & Cryptocurrency