OpenZeppelin
onchain finance
SeniorBlockchainSecurityDeveloper
Neural analysis suggests this role is
optimal for Senior candidates.
“Senior Blockchain Security Developer at OpenZeppelin. Skills: Daml, Blockchain Security, DeFi, AI-native engineering. Own the development of the OpenZeppelin Contracts Library for Daml end-to-end. Lead the technical design and implementation of year-1 Reference Implementations”
What You'll Achieve.
Build the open-source DeFi foundations of the world's most institutional blockchain; Deliver 8 production-ready Reference Implementations; Deliver end-to-end blueprints that other teams will fork; Deliver the OpenZeppelin Contracts Library for Daml; Deliver audited Daml implementations of CIP-56, CIP-86, CIP-103, and CIP-104; Provide 55 researcher-weeks of dedicated security capacity; Deliver smart-contract audits, full-stack reviews, pen tests; Every release ships with a published audit report; Define how AI-native engineering looks on a non-EVM stack; Deliverables become the standard others build on
Industry & Context.
Reason about Canton's privacy boundaries; Think adversarially about every line of code
Candidates must be located within UTC-8 to UTC+3 time zones
What They're Looking For.
Must Have
Production Daml fluency, Shipped non-trivial Daml in production, Understand templates, choices, controllers/observers/signatories, multi-party authorization, sub-transaction views, and propose/accept patterns as first-class primitives, 3+ years of experience in UTXO-based protocol development, Prior production work in a privacy-preserving or UTXO-based architecture (Canton, Cardano, Midnight, Zcash, Aleo, Mina, or similar), 3+ years of experience on DeFi engineering in production, Shipped non-trivial DeFi primitives in production: AMMs, vaults (ERC-4626 or equivalent), lending protocols, cross-chain settlement, Understand the security pitfalls of each, A security-first mindset, Demonstrable experience either auditing, breaking, or hardening production systems — published threat models, audit reports, responsible disclosures, or equivalent output, Built reusable, import-first developer libraries, not just applications, Production work with at least one major cross-chain messaging protocol (Chainlink CCIP, LayerZero, Wormhole, Axelar, or similar), Design with credential gates, multi-party attestation, custody flows, and compliance hooks as native constraints, An AI-native workflow, Shipped at least one non-trivial AI-powered tool, agent, or automation pipeline in production using the Anthropic SDK, MCP, custom evals, or comparable, Used AI as a serious instrument in security workflows: audit assistance, vulnerability research, fuzzing, invariant or spec analysis, static-analysis augmentation, or similar, Fluency in client-facing communication (English), Autonomy and proactivity
Nice to Have
Cryptography or financial-engineering background, Institutional finance background, Capital-markets microstructure, custody, compliance flows, RWA tokenization, settlement, Hands-on experience with non-EVM ecosystems, Open-source contributions to widely-used libraries in the smart-contract or AI-tooling space
What You'll Do.
Own the development of the OpenZeppelin Contracts Library for Daml end-to-end
Lead the technical design and implementation of year-1 Reference Implementations
Implement and shepherd the OZ Daml versions of CIP-56
Coordinate with Digital Asset on spec evolution and with ChainSafe on middleware alignment
Run client-facing roadmap
and milestone discussions
Collaborate with OpenZeppelin's auditors and security researchers on threat models
and full-stack reviews
Use AI systems as core daily tools
Extend AI systems: build agents
Apply AI directly to security work
Contribute developer-experience and security feedback upstream into the Canton protocol
and the Splice Wallet Kernel
Conduct open-ended research around privacy-preserving DeFi
multi-party authorization patterns
and Canton-specific topics
Publish and contribute back to OpenZeppelin's body of knowledge
How You'll Work.
Team & Collaboration
Coordinate with Digital Asset on spec evolution; Coordinate with ChainSafe on middleware alignment; Run client-facing roadmap, design, and milestone discussions with Digital Asset, the Canton Foundation, and ChainSafe; Collaborate with OpenZeppelin's auditors and security researchers; Work alongside Digital Asset, the Canton Foundation, and ChainSafe; Share what works back to the team
Communication Scope
Client-facing communication (English)
Full Job Description
About us OpenZeppelin is the security standard onchain finance is built on. Founded in 2015, our mission is to accelerate the world's transition to an open financial system, built on open standards and secured by rigorous research. Our open-source Contract Libraries have facilitated over $35 trillion in onchain value and are used by 10 of the top 10 tokenized money market funds and 9 of the top 10 stablecoins by market cap. We combine AI-native security tooling with deep research and a decade of audit expertise to support leading institutions and crypto-native teams shaping the next generation of digital assets like DTCC, Fidelity, Coinbase, Uniswap, Aave, the Ethereum Foundation, and many more across the full secure development lifecycle. Please note: Always refer to OpenZeppelin's official job page for the most accurate information about our open roles, as we have seen multiple third party job sites posting inaccurate information. The Secure Development team ❤️ OpenZeppelin is the security partner of choice for the most important protocols in Web3. Our Secure Development team sits at the intersection of building and breaking: we design, implement, and harden production-grade libraries and smart contracts for leading projects across EVM, Starknet, Stellar/Soroban, Arbitrum Stylus, Aptos, and beyond, often as an embedded extension of the client's engineering team. We work the way the rest of the industry will five years from now. Every developer on the team is a fully AI-native engineer, supported by outstanding internal AI tooling built for every phase of secure development. Developers own their workstreams end-to-end — agents amplify their effectiveness, and peers, security researchers, and external auditors provide rigorous review on every piece of work that ships. The Canton Network engagement This role joins us at the start of a 24-month, multi-million-dollar commitment to build the open-source DeFi foundations of the world's most institutional blockchain, appr
Applying for this Senior Blockchain Security Developer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about OpenZeppelin?
Real rants from real employees. Read before you apply.