Over the weekend I went through 50+ DMs from auditors looking to do private audits with Cyfrin, examining portfolios and findings. Here are 8 tips for building a better auditor portfolio!
1⃣ Have a portfolio page! Many auditors who DM'd me had no portfolio page, even some with quite good accomplishments. Simply by having a portfolio page you are ahead of many auditors. GitHub is fine or your own website is more fancy, but both work!
2⃣ Links to everything! Many portfolios claim wonderful things about contest rankings, findings found, etc., but there is no direct link. Please have direct links and check that they are correct so that a hiring manager can easily click through and get to the source to verify the claim!
3⃣ Top 5 or Top 10 sickest findings - I really like to know, what are your top 5 or top 10 sickest findings, the exploits you are most proud of? Include a section in your portfolio, it can be quite simple just a list of bullet points with the title of each finding that is a clickable link to the finding on Solodit - make it easy for me to see your best!
4⃣ Links to private audits you have participated in, and if you personally found important findings within that audit then include that info as well!
5⃣ Avoid putting audits you have done of protocols that got REKT! If you audited something that later got REKT, you don't want that on your resume! The reality is no one is perfect, no one can catch every bug, but just don't put that on your resume, it isn't a good look!
6⃣ Links to high-impact research, bug bounty write-ups, etc. - put this in a section as well, again doesn't have to be big, a simple dot point list of title with clickable link is fine.
7⃣ Contest rankings - if your resume is full of contests, consider removing the contests where you didn't get a significant ranking and just list the ones where you ranked well, together with a direct link to the leaderboard. If you found unique/significant findings list that as well. Make it easy for me to see your best work!
8⃣ Strengths / areas of interest - if you have done any non-Solidity non-EVM, highlight that for example in the private audit or contest listing, say that it was in Rust on Solana, or Move, Cosmos, Cairo whatever. Make it easy for me to see you have other skillsets. If you are a specialist in certain protocol types - include that!
These tips will help you not just with me but with any hiring manager, you want to make it as easy as possible for us to see your achievements! Put your best foot forward and let's get it!
Link: https://x.com/DevDacian/status/1875837280876921283
#audit
#security
#vulnerabilities