Senior Security Engineer - Donjon
Montpellier
Ledger
Secure your crypto assets such as Bitcoin, Ethereum, XRP, Monero and more. Give yourself peace of mind by knowing that your cryptocurrencies are safeFounded in 2014, Ledger is the global platform for digital assets and Web3. Over 15% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 5 millions units already sold in 180 countries.
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Have a look at our Origins video here.
The Donjon is the team in charge of the security of all the products built at Ledger. As a B2C security engineer, your daily job will be to attack our hardware wallets and the whole ecosystem they interact with, in order to maintain and improve our leadership in the industry.
Your mission:
- Research cutting-edge offensive security techniques,
- Develop tools and exploits for our products, and provide fixes for them,
- Perform security reviews of new products or new features launched by Ledger,
- Perform security research on other products used in the cryptocurrency industry (hardware and software wallets, smart contracts, secure hardware...),
- Promote writing secure code to engineering teams,
- Present your work in academic and hacking conferences all over the world.
You have at least 2 of the following skills:
- Fluency in C and Python, including secure programming in these languages.
- Knowledge in reverse engineering and binary analysis.
- Good knowledge of exploitation techniques, and of mitigations against such techniques.
- Experience with static analysis tools.
- Development of fuzzers, or tools that automate security analysis.
- Design of secure architectures.
- Ability to develop and document methods, standards, and guidelines.
Following skills are a plus:
- Experience in embedded security,
- Good knowledge of applied cryptography,
- Experience in smart contracts security,
- Rust programming,
- Scala programming.
What we’re looking for:
- Self-motivated with a strong ability to work and maintain security knowledge in a changing landscape.
What’s in it for you?
- Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow.
- Flexibility: A hybrid work policy.
- Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
- Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage.
- Well-being: Personal development, coaching & fitness with our dedicated partners.
- Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
- High tech: Access to high performance office equipment and gadgets, including Apple products.
- Transport: Ledger reimburses part of your preferred means of transportation.
- Discounts: Employee discount on all our products.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: C Crypto Cryptography Exploits Offensive security Python Reverse engineering Rust Scala Security analysis
Perks/benefits: Conferences Equity Fitness / gym Health care Insurance Medical leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs