Job DescriptionThe mission of this role is to ensure the security and robustness of Morpho's smart contracts by conducting formal verification, security reviews, and managing bug bounty programs to ship safer protocols and reduce audit cycle times.ResponsibilitiesImplement formal verification rules using Certora on Morpho smart contracts to validate critical invariants and reduce vulnerabilities before deployment.Conduct comprehensive security reviews of protocol smart contracts to identify critical bugs and strengthen the attack surface before audits.Own the bug bounty program by triaging submissions, communicating with security researchers, and coordinating response to critical findings.Build periphery smart contracts that integrate with the core protocol to extend functionality while maintaining security standards.Research emerging attack vectors and new vulnerability classes to keep the team ahead of threats and inform security best practices.Represent Morpho's security approach at conferences, meetups, and through published research to build credibility in the security community.What Success Looks LikeIn your first 30 daysYou will gain a solid understanding of Morpho v1 and vault v2 architecture, and implement initial formal verification rules using Certora on Vault/Market V2 contracts.By Month 4–6You will have complete understanding of Morpho v1 and v2, autonomously formulate and implement the most important contract invariants and own triage and validation of our smart contract bug bounty program.By Month 12You will have made meaningful security contributions that increase robustness and reduce attack surface, identified new attack vectors, and distilled security best practices that the entire Protocol team relies on.Competencies & TraitsAdaptabilityYou thrive in a fast-moving, remote-first environment where protocol priorities and timelines shift based on research findings and ecosystem developments.Clear CommunicationYou excel at async communication through Slack and meetings, articulating complex security concepts clearly to help the team make progress through discussion and collaboration.Ownership & AutonomyYou take full ownership of security domains, make decisions independently, and drive work forward without waiting for direction.Low Ego & Team-First MindsetYou prioritize mission over personal goals, share credit transparently, and view security as a collective responsibility rather than individual heroics.Critical Thinking & CuriosityYou challenge assumptions, provide constructive feedback, and continuously research new methods to stay ahead of emerging threats.Must-have Experience & SkillsMaster's degree in Computer Science, Cybersecurity, Software Engineering, or a related field3+ years of experience in smart contracts auditingProven track record of identifying critical vulnerabilities in smart contractsExtensive knowledge of Ethereum Virtual Machine, Solidity and the blockchain ecosystemExcellent written and verbal communication skillsInterest in DeFi and lending protocolsLow ego and collaborative mindsetNice to HaveExperience with bug bounty programs and platforms, including triage, validation, and researcher communicationExperience writing smart contracts securing significant TVLPublication record in applied cryptography, security, or related domainsPerks & benefits:We design benefits around deep work and growth, so you can do the best work of your career. Expect fair, top-tier compensation, real flexibility, time together in Paris, great health coverage, and support to keep learning.Equal opportunityWe welcome applicants from all backgrounds and hire based on talent, potential, and values alignment.Ready to shape the future of finance?