Trail of Bits

Senior Software Security Engineer, Research & Engineering

United States

Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Cybersecurity, Software Security, Research & DevelopmentIndustries

Position Overview

  • Location Type: Remote
  • Job Type: Full-time
  • Salary: $10,000

Trail of Bits is seeking a Senior Software Security Engineer within our Research & Engineering team to join our Compiler team. This role focuses on designing and implementing compiler-based security tools and frameworks across multiple compiler ecosystems, including LLVM, GCC, and JVM-based systems. You will work at the intersection of compiler technology, program analysis, and security engineering.

Requirements

  • Experience with C++, Rust, and LLVM toolchains.
  • Familiarity with compiler design and analysis techniques.
  • Understanding of security vulnerabilities and mitigation strategies.
  • Ability to work effectively in small, collaborative teams.

Responsibilities

  • Design and implement security-focused compiler passes and tools across multiple compiler ecosystems (LLVM, GCC, JVM, WebAssembly).
  • Develop and apply formal methods to verify critical properties of software.
  • Create practical tooling that bridges academic verification approaches with real-world codebases.
  • Enhance program analysis frameworks for JIT compilers.
  • Contribute to compiler security research and deliver practical solutions for clients.
  • Collaborate with other compiler experts, security researchers, and clients.

Company Information

Founded in 2012 by 3 expert hackers with no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest and most challenging risks. It has helped secure some of the world's most targeted organizations and devices. Our combination of novel research with practical solutions reduces the security risks that our clients face from emerging technologies. Our work helps drive the security industry and the public understanding of the technology underlying our world. Cybersecurity preparedness is a moving target. Companies like ours are the tip of the spear in the fight against attackers. Our research-based and custom-engineering approach ensures that our clients’ capabilities are at the forefront of what’s available. For companies and technologies that live and die by their security, a proactive, tailored approach is required to keep one step ahead of attackers. Democratizing security information is essential. As part of our business, we provide ongoing informational support through blogs, whitepapers, newsletters, meetups, and open-source tools. The more the community understands security, the more they’ll understand why a company like ours is so unique and valuable.

Skills

C++
Rust
LLVM
Compiler design
Program analysis
Security vulnerabilities
Formal methods
JIT compilers
WebAssembly

Trail of Bits

Cybersecurity consulting and security research services

About Trail of Bits

Trail of Bits provides cybersecurity services focused on high-end security research and consulting for organizations facing complex security challenges. They specialize in areas such as reverse engineering, cryptography, virtualization, malware, and software exploits. Their services include security audits, secure deployment consulting, and developing solutions to address security vulnerabilities. The company caters to a diverse clientele, including major tech companies and government agencies, and generates revenue through consulting fees and training courses aimed at enhancing the skills of security teams. Trail of Bits distinguishes itself from competitors with its tailored consulting services and a strong emphasis on workplace culture, recognized as one of the best places to work. The goal of Trail of Bits is to help organizations effectively protect their systems and data from security threats.

New York City, New YorkHeadquarters
2012Year Founded
$5.2MTotal Funding
SEEDCompany Stage
Consulting, CybersecurityIndustries
51-200Employees

Risks

AI model unreliability in critical areas poses a risk for cybersecurity applications.
Emergence of pickle file attacks highlights vulnerabilities in machine learning models.
Focus on mobile security may divert resources from other critical cybersecurity areas.

Differentiation

Trail of Bits specializes in high-end security research and consulting services.
The company serves tech giants and government agencies with robust security measures.
Trail of Bits combines human intellect with computational power for meaningful security gains.

Upsides

Recognition as a leader in cybersecurity consulting boosts Trail of Bits' market credibility.
Partnerships with companies like Discord and Hugging Face expand their client base.
Involvement in iVerify's funding round shows strategic interest in mobile security.

Land your dream remote job 3x faster with AI