About the Company:
World is building a real human network designed to accelerate people in the age of AI. As bots and autonomous agents reshape the internet, people, institutions, and applications need a trusted way to confirm who is a real human while preserving privacy. Our products make this possible: the Orb verifies real people, World ID proves it privately, and World App enables and distributes the new applications made possible by this technology. Together, they form a new layer for AI internet.
We’re one of the fastest-growing networks in tech. More than 17 million people across 160 countries have verified with World ID, and we complete over 350,000 verifications each week. World App is already among the most used wallets globally. Developers are integrating World ID to build safer online experiences and create spaces where real people can participate, earn, and be recognized in ways AI simply can’t replicate.
World was founded in 2019 and launched globally in 2023. We are more than 400 people across hardware, software, AI, cryptography, mobile engineering, and global operations. Our teams come from OpenAI, Tesla, SpaceX, Apple, Google, Stripe, Meta, Coinbase, Palantir and MIT Media Lab. We’re backed by leading investors, including a16z, Khosla Ventures, Bain Capital Crypto, Blockchain Capital, Variant, Tiger Global, and Coinbase Ventures, as well as prominent operators and founders across fintech and AI.
World has been featured on the cover of TIME Magazine, highlighted in Fast Company’s Next 5 in Fintech, and explored in a Bloomberg deep dive. The New York Times, Bankless and TechCrunch have all recognized our progress in identity, cryptography, AI, and global-scale hardware deployment. Our leadership is also named to the Time AI 100. Learn more about the newest product launches from our Unwrapped event.
About the Role:
You will work with our team of security experts to leverage the Ethereum blockchain to record audit events and detect and respond to attacks on the World ID system, which leverages an Optimism OP stack L2 chain (the World Chain), Merkle trees, zero knowledge proofs, and smart contracts as part of the global-scale World ID identity service.
About the Team:
Our multidisciplinary team’s mission is to detect & respond to attacks against the global-scale identity World ID service, which leverages a unique hardware device (the Orb), infrastructure, APIs, mobile apps, and operations on the Ethereum blockchain to provide privacy-preserving “proof of human”. Together, we apply expertise in hardware, cloud infrastructure, application security, mobile devices, intrusion detection, machine learning, AI, blockchain, incident response, and more to solve these novel challenges.We are building an entirely new automated detection and response system. Right now it needs to protect the 18+ million verified World ID users processing millions of identity and financial transactions a day, and it will need to rapidly scale to protect billions of users using trusted and untrusted hardware, much of which we will not own. We want to publish audit events to the public blockchain for the highest possible transparency and trust of the World ID system. We need to do all this while maintaining the strongest possible privacy protections.
This team works closely with the teams building the core technologies (apps, orbs, network protocols, encryption designs, attestation, etc) because D&R and Privacy are foundational elements of the World Network.
About You
MUST HAVE: Proven track record of discovering blockchain-based vulnerabilities (e.g., smart contracts) or substantial, successful participation in major Capture The Flag (CTF) security competitions (e.g., DEF CON, PlaidCTF, Google CTF, etc.).
5-8 years experience developing and deploying security-related analysis (e.g. intrusion detection, security monitoring, log analysis)
2-5 years experience with and detailed understanding of the Ethereum blockchain (protocol level, transaction level)
Experience with programming and version control (esp. GitHub).
Willing to participate in an on-call rotation and learn incident handling (or relevant experience)
Strong critical thinking, communication, and leadership skills
Comfort working cross-functionally with peer teams to negotiate and reach consensus solutions that improve security and privacy
Energized by working in a fast-paced, collaborative environment
If you don't think you meet all of the criteria but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.
Nice-to-Have Skills
Experience writing smart contract code using Solidity.
Experience with creating dashboards and analytics in SQL-based environments.
Experience deploying code to a containerized environment via CI/CD.
Experience with infrastructure, cloud, mobile (iOS/Android), or hardware security.