The rise of crypto hacks over 2022 has skyrocketed demand for blockchain security experts, with some auditors making upwards of $430,000 per year.
Speaking with Cointelegraph, blockchain recruitment firm CryptoRecruit founder Neil Dundon said that while security audit services have long been in demand, the rise of decentralized-finance (DeFi) protocols has opened up opportunities for auditors to review potentially vulnerable smart contracts:
“There’s always been a demand for security auditors […] But since DeFi apps have been out there, there has been quite a big increase in demand for security audits across the space because one small vulnerability in the protocol can potentially lead to the loss of hundreds of millions of dollars.”
A report from Chainalysis earlier this month revealed that hackers extracted more than $2 billion[1] from cross-chain bridge protocols alone this year.
In a Bloomberg report on Aug. 22, CEO of decentralized lending service Morpho Labs Paul Frambot said that crypto security audits have moved from a “nice to have” business expense to a “must have” one.
“Security is, in my opinion, not taken sufficiently seriously in DeFi,” he said.
The rise in demand for crypto security auditors has seen a plethora of “for hire” ads across the industry.
According to job advertisements posted[2] on Cryptocurrency Jobs, blockchain audit companies mostly look for experienced programmers with an understanding of blockchain technology, cybersecurity, and cryptography.
While most security audit salaries fall within the $100,000 – $250,000 range, some companies are willing to pay[3] upwards of $430,000 per year, according to Web3.career’s job board.
Crypto recruitment firm Plexus Resource Solutions Zeth Couceiro made a similar comment to Bloomberg, noting that in some cases, blockchain security auditors have been raking up to $400,000 annually.
Couceiro added that these auditors tend to make about 20% more than Solidity-focused developers, which is the most popular programming language used to deploy smart contracts on Ethereum and other Ethereum Virtual Machine (EVM) compatible blockchains.
Related: What is a smart contract security audit? A beginner’s guide[4]
Among the top vulnerabilities[5] that security auditors look for in smart contracts include timestamp dependency, reentrancy attacks, random number vulnerability, and spelling mistakes.
The Bloomberg report noted that venture capital firms have already poured $257 million into crypto security audit companies this year, which is up 38.9% from all of 2021, according to CB insights.
References
- ^ hackers extracted more than $2 billion (cointelegraph.com)
- ^ posted (cryptocurrencyjobs.co)
- ^ pay (web3.career)
- ^ What is a smart contract security audit? A beginner’s guide (cointelegraph.com)
- ^ Among the top vulnerabilities (cointelegraph.com)
This article was first published on Cointelegraph.com
