Software Security Engineer
Posted on Friday, January 27, 2023
We're making the world of digital assets accessible and secure for everyone. Join the mission.
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 20% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in UK, US, Switzerland and Singapore, Ledger has a team of more than 900 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 6 millions units already sold in 200 countries.
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Hear from our employees how they shape the work we do here.
The Donjon is the team in charge of the security of all the products built at Ledger. As a senior security engineer, your daily job will be to attack our hardware wallets and the whole ecosystem they interact with, in order to maintain and improve our leadership in the industry.
- Research cutting-edge offensive security techniques,
- Develop tools and exploits for our products, and provide fixes for them,
- Perform security reviews of new products or new features launched by Ledger,
- Perform security research on other products used in the cryptocurrency industry (hardware and software wallets, smart contracts, secure hardware...),
- Promote writing secure code to engineering teams,
- Present your work in academic and hacking conferences all over the world.
What we’re looking for
- Some experience in security, experience in embedded security is a plus.
- Good knowledge of applied cryptography.
- Basics in financial services.
- Self-motivated with a strong ability to work and maintain security knowledge in a changing landscape.
- Fluency in C and Python, including secure programming in these languages.
- Knowledge in reverse engineering and binary analysis.
- Good knowledge of exploitation techniques, and of mitigations against such techniques.
- Strong experience with static analysis tools.
- Development of fuzzers, or tools that automate security analysis.
- Design of secure architectures.
- Ability to develop and document methods, standards, and guidelines.
- Rust, Scala programming are a plus.
- Experience in HSM security is a plus.
What’s in it for you?
- Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow.
- Flexibility: A hybrid work policy.
- Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks.
- Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage.
- Well-being: Personal development, coaching & fitness with our dedicated partners.
- Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
- High tech: Access to high performance office equipment and gadgets, including Apple products.
- Transport: Ledger reimburses part of your preferred means of transportation.
- Discounts: Employee discount on all our products.
We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.