Staff Software Security Engineer - Web 3.0 (f/m)

We are a pioneering company that is driven by a mission that transcends mere business objectives. Our goal is to establish and safeguard digital ownership in a dynamic world, facilitating true freedom. Embracing innovation, we constantly push the boundaries of what is achievable by merging excellence and pragmatism with ambition and certainty. Within our innovative environment, you will lead the way in shaping the rules of emerging technologies to create products that redefine security in the digital era.

Established in 2014, our organization, Ledger, serves as a global platform for digital assets and Web3 technology. A significant portion of the world's crypto assets are safeguarded through our Ledger Nanos. With our headquarters located in Paris and Vierzon, and additional offices in the UK, the US, Switzerland, and Singapore, our team of over 700 professionals is dedicated to producing a range of products and services. These offerings enable individuals and businesses to securely buy, store, exchange, enhance, and manage cryptocurrency assets. Among our products, the Ledger hardware wallets line has already amassed over 7 million units sold across 200 countries.

The Donjon team leads all product security initiatives at Ledger. As a staff security engineer, your main responsibility will include testing our products and their interconnected ecosystem rigorously to uphold and enhance our standing as an industry leader.

Role Overview

• Explore state-of-the-art offensive security strategies, create tools and exploits for our products, and develop solutions to address identified vulnerabilities,
• Conduct security assessments of Web3 interactions, encompassing smart contracts, secure signing mechanisms, and dApp integrations.
• Collaborate closely with the Product team to outline secure user interactions, lessening risks arising from malicious Web3 interactions.
• Showcase your findings at academic conferences and hacking events worldwide.

Desired Qualifications

• Extensive background in Web3 security.
• Proficiency in DeFi protocols and dApps development.
• Basic understanding of financial services.
• Self-motivated with a keen aptitude for adapting to evolving security landscapes.

Required Technical Skills

• Proficiency in Solidity and Rust, focusing specifically on secure programming in these languages.
• Knowledge in reverse engineering and binary analysis.
• Strong grasp of exploitation techniques and countermeasures against them.
• Substantial experience with static analysis tools and formal verification.
• Ability to devise and document methodologies, protocols, and standards.

Perks & Benefits

• Stock options allow employees to share in the company's success.
• Adopting a hybrid work policy that provides flexibility.
• Annual company outings, frequent social gatherings, as well as complimentary snacks and beverages.
• Comprehensive healthcare coverage including medical, dental, and vision care.
• Personal development opportunities, coaching, and fitness programs with dedicated partners.
• Generous vacation package, with five weeks of paid leave per year accompanied by national holidays and rest & relaxation (RTT) days.
• Access to high-performance office equipment and technology, including Apple products.
• Transportation reimbursement program.
• Employee discounts across all product offerings.

Ledger is committed to ensuring fairness for all candidates during the recruitment process, regardless of gender, ethnic background, religion, sexual orientation, social status, disability, or age.