Software Security Engineer

The Donjon is the team in charge of the security of all the products built at Ledger. As a security engineer, your daily job will be to attack Ledger Vault, our solution dedicated to financial institutions, and Ledger Live, our B2C app, in order to maintain and improve our leadership in the industry.

Key missions:

• Research cutting-edge offensive security techniques.
• Develop tools and exploits for our products, and provide fixes for them.
• Perform security reviews of new products or new features launched by Ledger.
• Perform security research on other products used in the cryptocurrency industry (hardware and software wallets, smart contracts, secure hardware...)
• Promote writing secure code to engineering teams.
• Present your work in academic and hacking conferences all over the world.

Technical Skills

• At least 2 of the following skills are required:


• Fluency in C and Python, including secure programming in these languages.
• Knowledge in reverse engineering and binary analysis.
• Good knowledge of exploitation techniques, and of mitigations against such techniques.
• Experience with static analysis tools.
• Development of fuzzers, or tools that automate security analysis.
• Design of secure architectures.
• Ability to develop and document methods, standards, and guidelines.

Following skills are a plus:

• Experience in embedded security.
• Experience in HSM security.
• Good knowledge of applied cryptography.
• Basics in financial services.
• Rust programming.
• Scala programming.

Profile

• Some experience in security. Juniors are very welcome. For example, playing CTFs can be considered as a an experience.
• Self-motivated with a strong ability to work and maintain security knowledge in a changing landscape.

Benefits

• Competitive compensation package and ESOP according to the Company policy
• Flexible working hours, remote-friendly environment
• Strong focus on personal development including internal/external trainings and attendance to conferences
• Internal talks, technical meetups and Hackathons
• High performance office equipment
• Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
• Meal Vouchers with Swile (ex Lunchr)
• Annual company outing for Ledgerdary Days plus infrequent parties, snacks and drinks
• Employee discount on Ledger products

Ledger guarantees equal opportunity for all during the recruitment process, without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.