After the Bybit hack and a string of bridge exploits in 2025, the firms that protect crypto infrastructure are themselves scaling at a record pace. CertiK, Elliptic, and Nethermind collectively posted 112 open roles in Q1 2026 — a 67% increase year-on-year.
CertiK: From Auditor to Full-Stack Security
CertiK has 44 open roles — its highest count in our tracking history. The composition has shifted dramatically. In 2024, CertiK was almost entirely a smart contract audit shop. Today, 18 of its 44 roles are in software engineering (threat detection tooling, runtime monitoring, on-chain forensics), and 7 are in enterprise sales.
The strategic move: CertiK is building automated, continuous security monitoring products alongside its manual audit practice. The enterprise sales hiring confirms they are selling these products to the same financial institutions now entering crypto. Audits are a one-time event; SaaS monitoring is recurring revenue.
Elliptic: The Compliance Intelligence Specialist
Elliptic has 31 open roles, almost entirely in two buckets: data science/ML (14 roles) and enterprise sales (9 roles). This is blockchain analytics built for financial crime compliance — AML, sanctions screening, transaction monitoring for banks and exchanges navigating MiCA and FinCEN requirements.
The ML hiring is particularly significant. Elliptic is training models to detect novel mixing patterns and cross-chain obfuscation techniques that rules-based systems miss. As privacy protocols like Tornado Cash successors proliferate, the cat-and-mouse arms race intensifies — and Elliptic is hiring for the long game.
Nethermind: The Protocol Services Powerhouse
Nethermind has 37 open roles with the most diverse composition of the three. As the team behind one of the two dominant Ethereum execution clients, Nethermind occupies a unique position: critical infrastructure that cannot fail, surrounded by a professional services practice that audits protocols, builds custom L2 stacks, and consults on ZK proof systems.
Their ZK engineering cluster (11 open roles in zkVM and proof system development) is the most aggressive in the category. Nethermind is positioning itself as the go-to implementation partner for any protocol adopting ZK technology — a massive total addressable market as EVM chains migrate toward ZK settlement.
The Macro Signal
Security and compliance infrastructure hiring is a second-order signal. It does not tell you which consumer app will win — it tells you that the underlying layer is being professionalized. Institutions do not deploy capital to a chain unless it has credible audit coverage, on-chain monitoring, and a forensics trail for regulators. That infrastructure is being built right now.
Our prediction: at least two of these three firms will announce partnerships with a major TradFi institution in the next 90 days. The hiring patterns make it near-certain that conversations are already advanced.
See the full CertiK hiring signal, Elliptic hiring signal, and Nethermind hiring signal on Signalmap.