Application Security Engineer
Join our Software Assurance team!
The Trail of Bits Software Assurance team exclusively reviews low-level and cloud-native software for security issues. Our team is comprised of experts in operating systems, compilers, and cloud infrastructure with a keen eye for applying research and developing custom tools to enhance our reach. Between engagements, we apply our engineering skills to build custom tools to rapidly assess, exploit, or secure the code that we work with.
Role Description
As an application security engineer, you will be part of a small, dynamic team that reviews highly trusted code on behalf of our clients. On any given day, you may be building cheats for DRM'd video games, exploiting elevation of privilege vulnerabilities in kernel drivers, or reviewing isolation primitives intended to contain the effects of exploitation. Since our team is small, you will own everything that you do and play a key role in conceiving of new projects. You will collaborate frequently with our R&D team to help secure funding from government agencies for software security research that advances the state of the art, both within our team and the industry at large.
Responsibilities
- Work directly with leading industry teams to review their code and help secure their products
- Design and implement solutions to difficult engineering and research problems
- Collaborate with teammates to maintain and continually improve our existing security tools using modern software engineering practices
- Develop new security tools
Requirements
- Experience with low-level or cloud-native software, either as an engineer or security researcher
- Sufficient background in computer science to read relevant academic research
- Background in or prior regular use of programming language theory a plus
- Familiar with the agile development, Github flow, and modern software engineering practices
- Proficiency in one or more programming languages (we use C++, C, Python, Go, Rust, and Haskell)
- Strong debugging skills and/or experience with reverse engineering
- Clear communicator and quick to participate in deep technical discussions
- Highly self-motivated and able to drive new projects
- Attracted to learning new technologies
- Able to communicate complex technical material to clients and funding agencies
- Adept at writing. We highly encourage all engineers to get regular face-time with clients, write company blog posts about their accomplishments, and deliver presentations to the technical community.
Benefits
- Our workforce is 50% remote. Many employees choose to work from home. As long as you keep delivering good work, we keep our hands off your personal style and let you manage your work day as you work best.
- Liberal expense policy for acquiring the equipment and software that help you do your job. If we need hardware, we buy it. Everyone has rack space and corporate cards.
- We can tell you exactly what projects you'll work on and the people you'll work with. If it's not what you want, no need to initiate a lateral transfer, we can shift your work without an issue.
- Every year, we pay for the best in conference training, technical training, and managerial classes for our team. Everyone is encouraged to identify additional opportunities for personal professional growth.
- We routinely highlight the work our employees are specifically paid to do via our blog, product offerings, and conference talks. We talk about more than just side projects.
- We're at the forefront of a number of markets and have the internal expertise and the ambition to capitalize on those opportunities. See your work in use and valued by many others.
Benefits for Eligible US Employees
- Multiple generous health, vision, and dental insurance plans including no-monthly-premium options supporting individuals and families through JustWorks
- Ancillary benefits including life and disability insurance, pre-tax commuter benefits, free Citi Bike membership, access to a HealthAdvocate, a healthcare Flexible Spending Account (FSA), and a free One Medical membership
- 3-4 months paid parental leave
- 401k with 5% company matching through Betterment
- Moving expenses: $5k one-time
- Charitable donation matching up to $1,000
- Bonuses for recruiting, public speaking, tool releases, blog posts, academic posters, proposals, and whitepapers, and end-of-year bonuses based on company, team, and personal performance
- 14 company holidays and four weeks of Paid Time Off (PTO)
- Carbon offsets for your personal and corporate carbon emissions through Project Wren
- $5,000 relocation assistance if you move to NYC