[Remote] Principal Security Engineer, Application Security at Trail of Bits

United States

Compensation: Not Specified
Experience Level: N/A
Job Type: N/A
Visa: Not Specified
Industries: N/A

Requirements

  • Experience with AI Security Innovation, leveraging LLMs for code analysis and vulnerability pattern recognition
  • Experience conducting comprehensive security assessments across diverse technology stacks (web applications, cloud-native architectures, mobile platforms, system-level software)
  • Experience identifying critical vulnerabilities in authentication systems, API security, access controls, and platform security mechanisms
  • Experience leading sophisticated threat modeling exercises and architecture security reviews for complex distributed systems
  • Experience with code review across multiple languages (JavaScript/TypeScript, Python, Go)
  • Experience working with C-level executives and engineering leaders

Responsibilities

  • Lead complex and high-impact client engagements within the Software Assurance practice
  • Drive comprehensive security assessments
  • Mentor team members
  • Shape the strategic direction of application security initiatives
  • Serve as the technical authority on engagements involving sophisticated software systems
  • Conduct threat modeling exercises
  • Perform architecture reviews of complex distributed systems
  • Perform deep code analysis across modern and legacy codebases
  • Develop methodologies for the Application Security team
  • Build tooling to scale the impact of the team
  • Represent Trail of Bits at the forefront of application security innovation
  • Translate complex security findings into business impact and actionable roadmaps
  • Collaborate with the Research & Engineering team to secure funding for advanced security research
  • Contribute to publications

Trail of Bits

Cybersecurity consulting and security research services

About Trail of Bits

Trail of Bits provides cybersecurity services focused on high-end security research and consulting for organizations facing complex security challenges. They specialize in areas such as reverse engineering, cryptography, virtualization, malware, and software exploits. Their services include security audits, secure deployment consulting, and developing solutions to address security vulnerabilities. The company caters to a diverse clientele, including major tech companies and government agencies, and generates revenue through consulting fees and training courses aimed at enhancing the skills of security teams. Trail of Bits distinguishes itself from competitors with its tailored consulting services and a strong emphasis on workplace culture, recognized as one of the best places to work. The goal of Trail of Bits is to help organizations effectively protect their systems and data from security threats.

Headquarters: New York City, New York
Year Founded: 2012
Total Funding: $5.2M
Company Stage: SEED
Industries: Consulting, Cybersecurity
Employees: 51-200

Risks

AI model unreliability in critical areas poses a risk for cybersecurity applications.
Emergence of pickle file attacks highlights vulnerabilities in machine learning models.
Focus on mobile security may divert resources from other critical cybersecurity areas.

Differentiation

Trail of Bits specializes in high-end security research and consulting services.
The company serves tech giants and government agencies with robust security measures.
Trail of Bits combines human intellect with computational power for meaningful security gains.

Upsides

Recognition as a leader in cybersecurity consulting boosts Trail of Bits' market credibility.
Partnerships with companies like Discord and Hugging Face expand their client base.
Involvement in iVerify's funding round shows strategic interest in mobile security.
