Senior Security Engineer, Cryptography

About Us

Founded in 2012 by 3 expert hackers with no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest and most challenging risks. It has helped secure some of the world's most targeted organizations and devices. Our combination of novel research with practical solutions reduces the security risks that our clients face from emerging technologies. Our work helps drive the security industry and the public understanding of the technology underlying our world.

Cybersecurity preparedness is a moving target. Companies like ours are the tip of the spear in the fight against attackers. Our research-based and custom-engineering approach ensures that our client’s capabilities are at the forefront of what’s available. For companies and technologies that live and die by their security, a proactive, tailored approach is required to keep one step ahead of attackers.

Democratizing security information is essential. As part of our business, we provide ongoing informational support through blogs, whitepapers, newsletters, meetups, and open-source tools. The more the community understands security, the more they’ll understand why a company like ours is so unique and valuable.

Role

Trail of Bits seeks a Senior Security Engineer, Cryptography within our Assurance team responsible for reviewing low-level, high-assurance software in the finance, tech, defense, and blockchain industries. You will be part of a dynamic team that both engineers and reviews mission-critical cryptographic code, ensuring the implementation of novel cryptographic schemes is secure.

On any given day, you might perform code reviews across various technologies, develop new cryptanalysis tools, assist with topics ranging from standardized symmetric cryptography to post-quantum algorithms, or collaborate with academics on cutting-edge ideas. Working alongside some of the industry's best and brightest, you'll directly impact the growth of our Assurance practice.

You will independently manage your work and play a key role in conceiving new projects and driving the cryptography team forward. As an active member of the open-source cryptography community, you'll have the resources to directly influence the development landscape and help protect the safety and privacy of our clients' users.

What You’ll Achieve

• Cryptographic Assessment: Perform detailed code reviews and cryptanalysis across a wide range of technologies for our clients, producing public reports that detail findings and recommendations.
• Tool Development: Develop innovative tools for assessing the security of cryptographic libraries, contributing to the open-source cryptography community and improving industry standards.
• Client Engagement: Work directly with clients to help secure new business and acquire grants for new cryptography tooling, communicating complex technical material effectively.
• Research & Innovation: Stay current with the latest cryptography and security research, conceiving new projects for the cryptography team and collaborating with academics to implement cutting-edge ideas.
• Technical Communication: Create public reports, company blog posts, and deliver presentations to the technical community that showcase your accomplishments and expertise.

What You’ll Bring

• Cryptography Expertise: Experience in applied cryptography and cryptanalysis with a mathematical background sufficient for reading and implementing relevant academic research. Your deep understanding of cryptographic primitives, protocols, and their potential vulnerabilities will enable you to identify subtle issues that others might miss, even in complex implementations.
• Technical Proficiency: Experience with the Git (GitHub) workflow and proficiency in one or more programming languages including Rust, Go, C++, C, or Python. Your programming skills allow you to not only analyze cryptographic