Logo for CovertSwarm

Senior Hive Member - Blockchain, Cryptography & Digital Asset Offensive Security

Role overview

Qualifications

  • Deep technical curiosity and proven capability across blockchain
  • Experience in offensive security operations
  • Strong skills in cryptography and secure protocols
  • Familiarity with complex distributed systems

Responsibilities

  • Lead sophisticated offensive security engagements against digital asset systems
  • Assess custody platforms, wallet infrastructure, and smart contracts
  • Develop research-led attack plans against institutional digital asset environments
  • Identify weaknesses in digital asset security that could lead to compromises

About the company

CovertSwarm logo

CovertSwarm

YOU DESERVE TO BE HACKED. They say you should keep your friends close, but your enemies closer — and CovertSwarm is your worst nightmare. A specialist red team of ethical hackers and penetration testers, we attack relentlessly from every angle to hit your brand where it hurts again, and again, and again. If there’s a weak spot in your app or website, we’ll find it. If an update exposes a vulnerability, we’ll spot it. And we’ll raise the alarm fast, before anyone can break in.

Company details

Company size51 - 200

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

The Mission 

At CovertSwarm, we are redefining offensive security through constant, relentless attack. As a Senior Hive Member specialising in blockchain, encryption and digital asset security, you will lead sophisticated offensive security engagements against the systems that move, protect, sign for and settle digital assets. 


This role is focused on environments where cryptography, blockchain infrastructure, financial systems and operational controls intersect. You will assess custody platforms, wallet infrastructure, HSM/MPC/TSS signing services, smart contracts, institutional trading APIs, stablecoin settlement rails, blockchain nodes, tokenisation platforms, cloud environments, CI/CD pipelines and the operational workflows that support them.


This is not a generic offensive security role and it is not limited to smart contract audits. You will take an adversarial view of the full digital asset ecosystem: on-chain, off-chain, cloud, application, cryptographic, operational and human. 

Your work will help clients understand how their most valuable systems could fail under real attack conditions, including unauthorised signing, private key exposure, smart contract exploitation, API abuse, settlement failure, reconciliation breakdown, insider misuse, market disruption or irreversible asset loss. 

 

The Opportunity 

We are looking for an experienced offensive security operator with deep technical curiosity and proven capability across blockchain, cryptography, encryption, secure protocols and complex distributed systems. 


You will lead research-led attack plans against environments similar to those used by institutional digital asset firms, market makers, OTC trading desks, custodians, stablecoin settlement providers, tokenisation platforms and Web3 product teams. 


These environments commonly include: 

  • Institutional trading platforms using REST, WebSocket, FIX, RFQ and GUI workflows. 
  • Market-making, OTC execution, post-trade settlement and treasury operations. 
  • Experience in attacking communication protocols, specifically the Matrix protocol. 
  • Stablecoin settlement across Ethereum, Solana, Tron, L2s and other chains. 
  • Custody architectures involving hot, warm and cold wallets. 
  • HSM, KMS, MPC, threshold signing, multisig and key ceremony workflows. 
  • Smart contracts, token contracts, bridges, escrow, governance and DeFi mechanics. 
  • Cloud-native infrastructure, Kubernetes, CI/CD, secrets management and privileged access. 
  • Operational approval flows, reconciliation systems, audit trails and incident response processes. 


You will be expected to go beyond checklist testing. The role requires someone who can identify how a weakness in one layer - such as cloud IAM, API permissions, CI/CD secrets, wallet policy, signing workflow, approval logic or transaction monitoring could be chained into a material compromise of digital assets. 


Deep cryptography skills are essential, including the ability to review cryptographic designs, challenge trust assumptions, assess implementation weaknesses, and evaluate key management, encryption, authentication and secure messaging controls from an offensive perspective. 


Strong experience with the Matrix protocol would be extremely beneficial, including federation, end-to-end encryption, identity, homeserver behaviour, client-server and server-server APIs, bridge architectures, and the security implications of decentralised messaging at scale. 

 

What Makes You Great 

You are an experienced offensive security professional who understands that digital asset security is not just about blockchain code. It is about the complete chain of trust: identity, infrastructure, code, keys, APIs, signers, policy engines, approvals, people, operations, monitoring and settlement. 


You are comfortable asking difficult questions, such as: 


  • Can a compromised cloud role, API key, CI/CD runner or support account trigger a signing event? 
  • Can a transaction be altered, replayed, delayed, reordered or misrouted before approval or broadcast? 
  • Can wallet policies be bypassed through edge cases in asset type, chain, limit, quorum, allowlist or emergency workflow? 
  • Can a privileged operator, insider or vendor integration abuse approval flows? 
  • Can execution and settlement diverge in a way that creates loss or reconciliation blind spots? 
  • Can smart contract upgrades, oracle inputs, governance actions or bridge messages change asset-control assumptions? 
  • Are logs and alerts sufficient to reconstruct and respond to a signing, withdrawal or settlement incident? 


You combine creative adversarial thinking with disciplined execution. You can prove risk safely, explain impact clearly and recommend practical remediation. 

 

The Human Element 

You have a sharp analytical mind and strong attention to detail. 


You are a natural problem solver who enjoys complex, ambiguous systems where the most important weaknesses often sit between components. 


You communicate clearly and can translate deep technical findings into language that different audiences can act on. 


You are comfortable working with engineers, traders, quants, product teams, security teams, legal, compliance, operations and executives. 


You are self-driven, research-oriented and committed to continuous learning. 

You are a team player who contributes to the collective knowledge of the Swarm and helps others build capability. 

 

What Success Looks Like 

You will be successful in this role if: 

  • Clients understand how their blockchain, custody, encryption and settlement environments could realistically be compromised. 
  • High-impact vulnerabilities are discovered before adversaries find them. 
  • Weaknesses in signing, key management, APIs, smart contracts, settlement and operational controls are translated into clear business risk. 
  • CovertSwarm develops a repeatable, high-depth methodology for digital asset offensive security. 
  • Our tooling and research improve the way we test wallets, signers, custody systems, trading APIs, stablecoin flows and smart contracts. 
  • Fellow Hive members grow their skills through your mentoringresearch and technical leadership. 
  • Engineering teams trust your technical depth and executives trust your judgement. 

 

The Perks 

Join a team that values both excellence and balance: 

  • True remote flexibility - work from anywhere. 
  • No report-writing drudgery - we use our custom portal. 
  • Unlimited training to keep your skills sharp. 
  • Unlimited vacation - because burnout helps no one. 
  • Private medical insurance and pension scheme. 
  • Conference speaking bonuses. 
  • Hardware, software, lab environments, cloud credits and research materials you need to excel. 
  • A culture of radical candor, continuous improvement and technical excellence. 

 

The Culture 

At CovertSwarm, we take pride in pushing the boundaries of offensive security. Our team consists of passionate and humble professionals who value creativity, technical depth and delivering results that matter. 


In this role, you will help shape how CovertSwarm attacks and reviews the infrastructure underpinning digital asset markets: keys, signers, wallets, APIs, smart contracts, settlement rails, cloud platforms, control planes and the humans operating them. 


If you want to work at the intersection of offensive security, blockchain, encryption and financial infrastructure, we want to hear from you. 


Ready to join the Swarm? 

Take the next step in your cybersecurity career by applying today. Let’s talk about how your skills, research mindset and offensive capability align with CovertSwarm’s mission to redefine offensive security. 





Compensation: dependant on skills and experience range from £60,000 to £95,000

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Related jobs

Other jobs at CovertSwarm

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.