About Morpho
Morpho is a leading Decentralized Finance (DeFi) lending protocol that raised million from a16z, Paradigm, Ribbit, Apollo, Coinbase and 50 others to build an open credit network giving anyone, anywhere, access to the best borrowing and lending terms on-chain. Morpho is experiencing exponential adoption, with over 10 billion dollars in deposits on the network and used by the largest names in the industry such as such as Coinbase, Apollo, Kraken, Binance, .... Now, Morpho is scaling its team to establish itself as the open credit network, not just of DeFi, but of the world.
Why Morpho Exists
Building something meaningful takes resources, yet access to capital still depends on where you live, who you know, and which institutions are willing to trust you. Even when capital is available, it sits fragmented across disconnected networks and hidden behind intermediaries. The result is a system that fails most of the people it should serve. Borrowers overpay. Lenders earn less than they should. Many are shut out entirely, not because they are unworthy of credit, but because today's infrastructure was never built to connect them. Morpho exists to solve this. Full article here.
Location
Remote (US or EU, up to GMT+2 to ensure sufficient overlap with the rest of the team).
How we work
We move fast on hard problems in a nascent market with no set playbook: navigating uncertainty is part of the job. You'll be challenged: anyone can question work and decisions must be justified. We keep a high bar and match it with high support: we help each other unblock and share context openly, with low ego. More about our values: morpho.org/jobs.
Role
The mission of this role is to make Morpho's protocol safer and faster to ship by owning the security lifecycle end-to-end: from formal verification and smart contract audits to bug bounty program management. As the protocol team scales and takes on more complexity, this person reduces risk and shortens audit cycles so the team can move with confidence.
Responsibilities
Apply formal verification methods to Morpho's smart contracts using tools like Certora to prove protocol invariants and catch bugs before audit.
Conduct thorough security reviews of smart contracts developed internally, identifying critical vulnerabilities before they reach production.
Own the bug bounty program end-to-end: triage incoming reports, communicate with security researchers, validate findings, and coordinate war rooms when needed.
Develop periphery smart contracts that extend Morpho's protocol in a safe and auditable way.
Research emerging attack vectors, new bug classes, and evolving security tooling to keep Morpho's practices at the frontier.
Represent Morpho at security-focused conferences, meetups, and in published articles or research writeups to strengthen the protocol's credibility in the security community.
What Success Looks Like
First 30 days
Built a deep working knowledge of Morpho Blue and Vault v2. Started implementing formal verification rules using Certora on existing contracts. Got familiar with how the protocol team works and ships.
First 4 months
Reached complete command of Morpho Blue and Morpho Midnight. Independently formulates and implements the most important invariants across the contracts. Leads the weekly Morpho call with Certora. Owns triage and validation of the smart contract bug bounty program.
In 1 year
Makes meaningful security contributions that measurably reduce Morpho's attack surface. Identifies new attack vectors, shares security best practices across the protocol team, and helps speed up audit cycles so the team ships faster without cutting corners.
Must-have Experience & Skills
Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field, or equivalent depth of knowledge.
3+ years of experience in smart contract auditing, with a proven track record of identifying critical vulnerabilities.
Deep knowledge of the Ethereum Virtual Machine, Solidity, and the broader blockchain ecosystem.
Hands-on experience with formal verification tools (Certora or equivalent).
Strong written and verbal communication skills: able to write a clear vulnerability report as well as a research article.
Genuine interest in DeFi and lending protocols specifically.
Comfortable operating in a fast-moving, async-first environment where priorities shift and ambiguity is normal.
Strong ownership and autonomy: identifies what needs to be done and does it, without waiting to be managed.
Clear and crisp async communication: writes well and shares context proactively across time zones.
Team-first mindset: treats the protocol's safety as a shared mission, not a personal agenda.
Humble.
Perks & benefits
We design benefits around deep work and growth, so you can do the best work of your career. Expect fair, top-tier compensation, real flexibility, time together in Paris, great health coverage, and support to keep learning.
Equal opportunity
We welcome applicants from all backgrounds and hire based on talent, potential, and values alignment.