About the Company:

Tools for Humanity (TFH) designs and builds technology behind World. World is building a real human network designed to accelerate people in the age of AI. As bots and autonomous agents reshape the internet, people, institutions, and applications need a trusted way to confirm who is a real human while preserving privacy. The TFH and World tech stacks make this possible: the Orb verifies real, unique people, World ID proves it privately, and World App puts these capabilities, and more, in people’s hands. Together, they add a human layer to an AI-driven internet.

World is already running at a global scale. More than 17 million people across 160 countries have verified with World ID, and more new Orb verifications take place each week. World App is already among the most used wallets globally. Developers are integrating World ID to build safer online experiences and create spaces where real people can participate, earn, and be recognized in ways AI simply can’t replicate.

Founded in 2019, TFH has more than 400 people across hardware, software, AI, cryptography, mobile engineering, and global operations. Our teams come from OpenAI, Tesla, SpaceX, Apple, Google, Stripe, Meta, Coinbase, Palantir and MIT Media Lab. We’re backed by leading investors, including a16z, Khosla Ventures, Bain Capital Crypto, Blockchain Capital, Variant, Tiger Global, and Coinbase Ventures, as well as prominent operators and founders across fintech and AI.

TFH and World have been featured on the cover of TIME Magazine, highlighted in Fast Company’s Next 5 in Fintech, and explored in a Bloomberg deep dive. The New York Times, Bankless and TechCrunch have all recognized our collective progress in identity, cryptography, AI, and global-scale hardware deployment. Our leadership is also named to the Time AI 100. Learn more about the newest product launches from our Liftoff event.

About the Role:

You will work with our team of security experts to leverage the Ethereum blockchain to record audit events and detect and respond to attacks on the World ID system, which leverages an Optimism OP stack L2 chain (the World Chain), Merkle trees, zero knowledge proofs, and smart contracts as part of the global-scale World ID identity service.

About the Team:

Our multidisciplinary team’s mission is to detect & respond to attacks against the global-scale identity World ID service, which leverages a unique hardware device (the Orb), infrastructure, APIs, mobile apps, and operations on the Ethereum blockchain to provide privacy-preserving “proof of human”. Together, we apply expertise in hardware, cloud infrastructure, application security, mobile devices, intrusion detection, machine learning, AI, blockchain, incident response, and more to solve these novel challenges.

We are building an entirely new automated detection and response system. Right now it needs to protect the 18+ million verified World ID users processing millions of identity and financial transactions a day, and it will need to rapidly scale to protect billions of users using trusted and untrusted hardware, much of which we will not own. We want to publish audit events to the public blockchain for the highest possible transparency and trust of the World ID system. We need to do all this while maintaining the strongest possible privacy protections.

This team works closely with the teams building the core technologies (apps, orbs, network protocols, encryption designs, attestation, etc) because D&R and Privacy are foundational elements of the World Network.

About You

• MUST HAVE: Proven track record of discovering blockchain-based vulnerabilities (e.g., smart contracts) or substantial, successful participation in major Capture The Flag (CTF) security competitions (e.g., DEF CON, PlaidCTF, Google CTF, etc.).

• 5-8 years experience developing and deploying security-related analysis (e.g. intrusion detection, security monitoring, log analysis)

• 2-5 years experience with and detailed understanding of the Ethereum blockchain (protocol level, transaction level)

• Experience with programming and version control (esp. GitHub).

• Willing to participate in an on-call rotation and learn incident handling (or relevant experience)

• Strong critical thinking, communication, and leadership skills

• Comfort working cross-functionally with peer teams to negotiate and reach consensus solutions that improve security and privacy

• Energized by working in a fast-paced, collaborative environment

• If you don't think you meet all of the criteria but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.

Nice-to-Have Skills

• Experience writing smart contract code using Solidity.

• Experience with creating dashboards and analytics in SQL-based environments.

• Experience deploying code to a containerized environment via CI/CD.

• Experience with infrastructure, cloud, mobile (iOS/Android), or hardware security.

What we offer

The reasonably estimated salary for this role at Tools for Humanity ranges from $221,000 - $325,000 plus a competitive long-term incentive package. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, Tools for Humanity offers a wide range of best-in-class, comprehensive, and inclusive employee benefits for this role, including healthcare, dental, vision, 401(k) plan and match, life insurance, flexible time off, commuter benefits, professional development stipend, and much more.

By submitting your application, you consent to the processing and internal sharing of your CV within the company, in compliance with the GDPR.

If you don't think you meet all of the criteria but are still interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.