Blockchain Security Analyst
About The Position
Chainlink is seeking a Blockchain Security Analyst to support complex onchain investigations, threat analysis, and incident response efforts across the rapidly evolving digital asset ecosystem. In this role, you will analyze blockchain activity across EVM and non-EVM networks, trace illicit or suspicious fund flows, investigate exploits and laundering techniques, and help produce actionable intelligence for internal stakeholders and external partners. You will work closely with security researchers, incident response teams, protocol teams, and data engineers to identify, analyze, and communicate meaningful findings from blockchain data. The ideal candidate combines deep technical understanding of blockchain infrastructure with strong analytical thinking, investigative instincts, and excellent communication skills. This is a highly technical individual contributor (IC) role with significant ownership and impact. While this is not a management-track position, it offers meaningful opportunities to lead initiatives, drive investigations, build new capabilities, and shape how the team operates. If you enjoy solving difficult problems, operating with autonomy, and making a real difference in a fast-moving environment, this role offers a unique opportunity to do exactly that. We value people who are collaborative, adaptable, and excited to continuously learn in an evolving space.
Requirements
- Deep understanding of the EVM ecosystem, with familiarity across SVM and other non-EVM chains; able to clearly explain transaction structures, calldata, logs/topics, traces, and related onchain mechanics
- Strong working knowledge of common DeFi protocols, bridges, multisig architectures, and wallet infrastructure
- Comfortable extracting, analyzing, and interpreting onchain data using block explorers, transaction traces, event logs, and raw RPC responses
- Ability to build lightweight tooling and scripts to automate investigations, enrich datasets, or analyze blockchain activity
- Experience conducting blockchain investigations using tools such as Chainalysis Reactor, TRM Labs, Arkham, Nansen, and similar platforms
- Experience tracing funds across bridges, mixers, and cross-chain protocols
- Strong written and verbal communication skills, with the ability to synthesize complex technical findings into concise reports and presentations
Nice To Haves
- Experience interacting directly with blockchain RPC endpoints rather than relying solely on third-party APIs and indexing services
- Familiarity with AI-assisted investigation workflows, automation, and development tooling
- Experience participating in on-call rotations and supporting incident response operations
- Familiarity with common exploit patterns, laundering techniques, phishing infrastructure, and threat actor tradecraft
- Understanding of sanctions screening and attribution methodologies
- Ability to read and reason about smart contract code (Solidity/Rust preferred)
- Familiarity with MEV, validator infrastructure, and transaction propagation mechanics
- Experience querying blockchain datasets via Dune, Flipside, BigQuery, or self-hosted indexers
- Prior experience in web3 startup environments
Responsibilities
- Conduct blockchain investigations involving exploits, phishing campaigns, laundering activity, bridge incidents, and other onchain threats
- Trace funds across multiple chains, bridges, mixers, and DeFi protocols to identify patterns, attribution opportunities, and risk exposure
- Analyze transaction traces, calldata, logs/topics, and RPC-level blockchain data to produce high-confidence investigative findings
- Build lightweight tooling and scripts to automate repetitive analysis tasks, enrich datasets, and improve investigation workflows
- Produce concise, high-quality reports and presentations summarizing technical findings for both technical and non-technical audiences
- Support incident response efforts during active investigations and security events
- Collaborate with internal teams to improve detection methodologies, operational tooling, and investigative processes
- Stay current on evolving exploit techniques, threat actor tradecraft, laundering methodologies, and developments across the web3 ecosystem
Benefits
- All roles with Chainlink Labs are global and remote-based.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
