Senior Software Security Engineer

@ Ledger

About Ledger

Ledger is a global platform for digital assets and Web3, securing over 20% of the world's crypto assets with its hardware wallets. With headquarters in Paris and offices across Europe, the US, and Asia, Ledger empowers individuals and enterprises to securely manage their crypto assets.

The Team

The Donjon team is responsible for the security of all products built at Ledger.

What You’ll Be Doing

• Attack products and ecosystem to enhance industry leadership.
• Collaborate with development teams to address vulnerabilities in backend services, APIs, and supporting infrastructure.
• Research cutting-edge offensive security techniques.
• Develop tools and exploits for products and provide necessary fixes.
• Conduct security assessments and threat modeling for Ledger's ecosystem including DeFi and Ledger Live services.
• Promote secure coding practices among engineering teams.
• Present work at academic and hacking conferences worldwide.

What We're Looking For

• Strong web and backend penetration testing experience.
• Fluency in Python and Rust with secure programming practices.
• Kubernetes and cloud infrastructure knowledge.
• Basic knowledge of Scala is a plus.
• Experience in HSM security is a plus.
• Good knowledge of exploitation techniques and mitigations.
• Experience developing tools for automated security analysis.
• Design capability for secure architectures and documentation of standards.

Benefits

• Flexible hybrid work options.
• Health and life insurance support.
• Financial growth opportunities including shareholding options.
• Commuter allowance.
• Comprehensive learning and development training.

Inclusivity

Ledger is committed to an inclusive hiring process. Please inform us if you need any adjustments or accommodations.

Key skills/competency

• Cybersecurity
• Penetration Testing
• Python
• Rust
• Cloud Infrastructure
• Kubernetes
• Exploit Development
• Threat Modeling
• Secure Architecture
• HSM