Senior Software Security Engineer (f/m)

We’re the forever innovators. On a mission that goes beyond business. Securing digital ownership in a changing world. Unlocking true freedom. We’re revolutionaries.Looking beyond today. Bridging excellence and pragmatism, with ambition and conviction, to push the limits of what’s possible. That’s what you’ll do here, in this playground of innovation. With leadership and trust, you’ll write the rules of new technology, and create products that redefine security in a digital age.
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 20% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 7 millions units already sold in 200 countries. 
Donjon is the team in charge of the security of all the products built at Ledger. As a security engineer dedicated to consumer services, your daily job will be to attack our products and the whole ecosystem they interact with, in order to maintain and improve our leadership in the industry.

Your misson

• Collaborate with development teams to identify and address vulnerabilities in backend services, APIs, and supporting infrastructure,
• Research cutting-edge offensive security techniques,
• Develop tools and exploits for our products, and provide fixes for them,
• Conduct security assessments and threat modeling for Ledger's services ecosystem, including DeFi services and Ledger Live-related services,
• Promote writing secure code to engineering teams,Present your work in academic and hacking conferences all over the world.

What we're looking for

• Some experience in security, experience in blockchain security is a plus.
• Good knowledge of applied cryptography.
• Basics in financial services.
• Self motivated with a strong ability to work and maintain security knowledge in a changing landscape.

Technical Skills

• Strong experience in web/backend pentesting.
• Fluency in Python, Rust, including secure programming in these languages.
• Kubernetes and cloud infrastructure  knowledge are required.
• Basic knowledge of Scala programming is a plus.
• Experience in HSM security is a plus.
• Good knowledge of exploitation techniques, and of mitigations against such techniques.
• Development of tools that automate security analysis.
• Design of secure architecture?
• Ability to develop and document methods, standards, and guidelines.

What's in it for you?

• Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow. 
• Flexibility: A hybrid work policy.
• Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks.
• Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage. 
• Well-being: Personal development, coaching & fitness with our dedicated partners.
• Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
• High tech: Access to high performance office equipment and gadgets, including Apple products. 
• Transport: Ledger reimburses part of your preferred means of transportation .
• Discounts: Employee discount on all our products.

Ledger guarantees fairness for all during the recruitment process, regardless of gender, ethnic origin, religion, sexual orientation, social status, disability or age