Remote Remote (Global) Employment $100,000 - $200,000

Trail of Bits is hiring a Security Engineer, Application Security

About the Role

The role involves assessing software systems for security flaws, designing mitigation strategies, and contributing to tools and methodologies that enhance application security across various platforms and technologies.

Responsibilities

Analyze software for security weaknesses using manual and automated techniques
Develop and maintain tools to detect and prevent application-level vulnerabilities
Collaborate with engineering teams to integrate security practices into development workflows
Conduct code reviews with a focus on identifying security risks
Research emerging threats and vulnerabilities in modern software ecosystems
Create proof-of-concept exploits to validate vulnerability impact
Support red team and penetration testing initiatives
Improve static and dynamic analysis capabilities for codebases
Document findings and remediation steps clearly for technical and non-technical audiences
Advocate for secure coding practices across development teams
Evaluate third-party libraries and dependencies for security risks
Assist in the design of secure system architectures
Stay current with advancements in application security and offensive techniques
Contribute to open-source security tools and frameworks
Provide guidance during incident response related to application flaws
Help shape security standards and policies for software development
Perform threat modeling for new and existing systems
Assess API security across web and mobile platforms
Work on binary analysis and reverse engineering when needed
Support compliance and audit efforts related to software security
Mentor junior team members in security best practices
Communicate risk levels and technical details to stakeholders
Evaluate cryptographic implementations for correctness and strength
Test for common web vulnerabilities such as injection, XSS, and CSRF
Assist in automating security testing within CI/CD pipelines

Compensation

Competitive salary based on experience and location

Work Arrangement

Hybrid work model with office and remote options

Team

Collaborative team of security researchers and engineers focused on technical depth and innovation

What We Value

Technical excellence and curiosity
Clear communication of complex topics
Ownership of projects and outcomes
Commitment to ethical security practices
Contributions to public knowledge and open-source projects

Security Research Focus

Emphasis on discovering novel vulnerabilities
Development of new analysis techniques
Publication of findings in public venues
Building tools that scale security assessments

Sponsorship available for qualified candidates

Invoicing holding you back?

Focus on work, not paperwork

Stop worrying about invoicing, taxes, and compliance. Glopay handles the business setup, you handle the client work. Get paid faster and look professional.

Auto-generated compliant invoices

Built-in expense management

Income reports for tax season

95% of earnings stay with you

Try Glopay free

No credit card needed

About company

Trail of Bits helps secure some of the world's most targeted organizations and products. Since 2012, the company has combined high-end security research with a real-world attacker mentality to reduce risk and fortify code.

Their services include software assurance, security engineering, and research and development, with expertise in systems software, blockchain, cryptography, and more. They offer custom tools, vulnerability remediation, and expert training in areas like reverse engineering, penetration testing, and threat modeling.

Trail of Bits also develops security products such as iVerify for mobile device security and contributes to open source projects. They are recognized as a leader in cybersecurity consulting and a Best Place to Work.

All jobs at Trail of Bits Visit website

Job Details

Department Software Assurance

Category security

Posted 5 days ago