Cryptosecurity experts rake in $430,000 salary amid number of hacks
The rise of crypto-hacking during 2022 has skyrocketed the demand for blockchain security experts, with some auditors earning upwards of $430,000 per year.
Speaking to Cointelegraph, founder of blockchain recruiting firm CryptoRecruit, Neil Dundon, said that while security auditing services have long been in demand, the rise of decentralized finance (DeFi) protocols has opened opportunities for auditors to review potentially vulnerable smart contracts:
“There has always been a demand for safety auditors […] But since DeFi apps have been out there, there’s been a pretty big increase in demand for security audits all over the place because a small vulnerability in the protocol can potentially lead to the loss of hundreds of millions of dollars.”
A report by Chainalysis earlier this month revealed that hackers extracted more than $2 billion from cross-chain bridge protocols this year alone.
In a Bloomberg report on Aug. 22, CEO of decentralized lending service Morpho Labs Paul Frambot said that crypto security audits have moved from a “nice to have” business expense to a “must have.”
“Security, in my opinion, is not taken seriously enough in DeFi,” he said.
The rise in demand for crypto security auditors has seen a flurry of “for hire” ads across the industry.
According to job postings posted on Cryptocurrency Jobs, blockchain auditing companies are mostly looking for experienced programmers with an understanding of blockchain technology, cybersecurity and cryptography.
While most security audit salaries fall within the $100,000 – $250,000 range, some companies are willing to pay upwards of $430,000 per year, according to Web3.career’s job board.
Crypto recruiting firm Plexus Resource Solutions’ Zeth Couceiro made a similar comment to Bloomberg, noting that in some cases, blockchain security auditors have earned up to $400,000 annually.
Couceiro added that these auditors tend to earn about 20% more than Solidity-focused developers, which is the most popular programming language used to deploy smart contracts on Ethereum and other Ethereum Virtual Machine (EVM)-compatible blockchains.
Related: What is a smart contract security audit? A beginner’s guide
Among the top vulnerabilities security auditors look for in smart contracts include timestamp dependencies, reentrancy attacks, random number vulnerabilities, and misspellings.
The Bloomberg report noted that venture capital firms have already poured $257 million into crypto security audit firms this year, which is up 38.9% from all of 2021, according to CB insights.