Senior Security Engineer - Donjon

We're making the world of digital assets accessible and secure for everyone. Join the mission. 
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 15% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 5 millions units already sold in 180 countries. 
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Have a look at our Origins video here.
​The Donjon is the team in charge of the security of all the products built at Ledger. As a B2C security engineer, your daily job will be to attack our hardware wallets and the whole ecosystem they interact with, in order to maintain and improve our leadership in the industry.

Your mission:

• Research cutting-edge offensive security techniques,
• Develop tools and exploits for our products, and provide fixes for them,
• Perform security reviews of new products or new features launched by Ledger,
• Perform security research on other products used in the cryptocurrency industry (hardware and software wallets, smart contracts, secure hardware...),
• Promote writing secure code to engineering teams,
• Present your work in academic and hacking conferences all over the world.

You have at least 2 of the following skills:

• Fluency in C and Python, including secure programming in these languages.
• Knowledge in reverse engineering and binary analysis.
• Good knowledge of exploitation techniques, and of mitigations against such techniques.
• Experience with static analysis tools.
• Development of fuzzers, or tools that automate security analysis.
• Design of secure architectures.
• Ability to develop and document methods, standards, and guidelines.

Following skills are a plus:

• Experience in embedded security,
• Good knowledge of applied cryptography,
• Experience in smart contracts security,
• Rust programming,
• Scala programming.

What we’re looking for:

• Self-motivated with a strong ability to work and maintain security knowledge in a changing landscape.

What’s in it for you?

• Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow. 
• Flexibility: A hybrid work policy.
• Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
• Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage. 
• Well-being: Personal development, coaching & fitness with our dedicated partners.
• Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
• High tech: Access to high performance office equipment and gadgets, including Apple products. 
• Transport: Ledger reimburses part of your preferred means of transportation. 
• Discounts: Employee discount on all our products.

We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.