Web3 Security Triager (AuditAgent & AgentArena)
Share
Job Location:
Monthly Salary:
Posted on:
16 hours ago
Vacancies:
1 Vacancy
Department:
Job Summary
What were building
Nethermind is building an AI-driven security product line that helps protocols and developers find vulnerabilities earlier cheaper and faster:
AuditAgent: AI-assisted smart contract vulnerability detection and insight generation for pre-audits and security workflows.
AgentArena: a platform where multiple independent audit agents run in parallel with an arbiter/triage layer to deduplicate findings and score severity fairly.
This role is critical to our quality layer: you will validate AI-generated findings filter out false positives and ensure customers receive high-signal actionable security insights.
What we need
A hands-on Web3 Security Triager who can evaluate smart contract vulnerabilities found by AI systems participate in public audit competitions and help improve our detection quality over time.
Youll work closely with:
Product and engineering teams building AuditAgent and AgentArena
Security researchers and auditors at Nethermind Security
External protocols and audit competition platforms (Code4rena Sherlock Cantina etc.)
Role & Responsibilities
1) Triage AI-generated findings (AgentArena)
Review and validate vulnerability reports generated by AI agents
Filter false positives to ensure customers receive only high-quality actionable findings
Classify severity and provide clear reasoning for each decision
Maintain fast turnaround without sacrificing accuracy
2) Run AuditAgent in public audit competitions
Execute AuditAgent on live contests (Code4rena Sherlock Cantina and similar platforms)
Triage the output: validate real bugs discard noise
Write Proof of Concept (PoC) code for valid findings using AI coding tools
Submit validated findings and track results to measure tool performance
3) Improve detection quality through feedback
Share insights with the product and engineering team on common false positive patterns
Propose new triage strategies automation ideas and process improvements
Help build internal benchmarks and quality metrics based on real-world results
4) Document and communicate results (nice to have)
Write internal reports summarizing competition outcomes and tool performance
Contribute to public content (blog posts case studies) showcasing AuditAgent/AgentArena capabilities
Requirements
Solid understanding of Web3 security: common vulnerability classes in smart contracts (reentrancy access control oracle manipulation etc.)
Proficiency in Solidity: ability to read understand and reason about contract logic and potential exploits
Proficiency with AI coding tools: hands-on experience with tools like Cursor Claude Code or similar you should already be using AI to accelerate your workflow
Ability to write PoC exploits: demonstrate valid bugs with working proof-of-concept code (using AI assistance is expected and encouraged)
Strong attention to detail: triage requires careful analysis and clear severity reasoning
Proactive and creative mindset: youll be expected to suggest improvements not just execute tasks
Nice to have
Experience with Solana / Rust smart contract security
Prior participation in audit competitions (Code4rena Sherlock Immunefi etc.)
Background in security research or junior auditing roles
Writing skills: ability to clearly document findings or write public-facing content
Familiarity with common security tools (Slither Foundry etc.)
Working model
Remote-first globally distributed team.
Required Experience:
Unclear Seniority
Key Skills
- CCTV
- Customer Service
- Communication skills
- Computer Skills
- ICD Coding
- Military Experience
- Law Enforcement
- NIST Standards
- Security
- DoD Experience
- RMF
- Writing Skills
About Company
What are we all about? We are a team of world-class builders and researchers with expertise across several domains: Ethereum Protocol Engineering, Layer-2, Decentralized Finance (DeFi), Maximal Extractable Value (MEV), Smart Contract Development, Security Auditing and Formal Verificat ... View more
