About Ledger

We’re a team of experts pushing the limits of what’s possible, united by our common goal to unlock true freedom through digital ownership, making technology accessible for all. We believe in a world where users, creators and enterprises manage their value with ownership and freedom. Our curiosity drives us to innovate, empowering individuals on a global scale. We believe change is constant and our team moves forward as one, with a culture of problem-solving where every employee is empowered and supported to challenge tradition and create solutions. Our mission is simple: to make self-custody accessible and give people the keys to their own financial futures. If you want to make a true impact, we want you to join us at Ledger.

At Ledger, we’re proud to be the global platform for digital assets and Web3, with over 20% of the world’s crypto assets secured through our Ledger devices. With our headquarters in Paris, and offices in Vierzon, Grenoble, Montpellier, London, Portland, Geneva, Zurich and Central Singapore, we have a team of around 600 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 7.5 millions units already sold in 200 countries.

The team

Donjon is the team in charge of the security of all the products built at Ledger.

What you’ll be doing:

As a security engineer dedicated to consumer services, your daily job will be to attack our products and the whole ecosystem they interact with, in order to maintain and improve our leadership in the industry.

• Collaborate with development teams to identify and address vulnerabilities in backend services, APIs, and supporting infrastructure,

• Research cutting-edge offensive security techniques,

• Develop tools and exploits for our products, and provide fixes for them,

• Conduct security assessments and threat modeling for Ledger's services ecosystem, including DeFi services and Ledger Live-related services,

• Promote writing secure code to engineering teams,

• Present your work in academic and hacking conferences all over the world.

What we're looking for:

• Strong experience in web/backend pentesting.

• Fluency in Python, Rust, including secure programming in these languages.

• Kubernetes and cloud infrastructure knowledge are required.

• Basic knowledge of Scala programming is a plus.

• Experience in HSM security is a plus.

• Good knowledge of exploitation techniques, and of mitigations against such techniques.

• Development of tools that automate security analysis.

• Design of secure architectures.

• Ability to develop and document methods, standards, and guidelines.

At Ledger, we are dedicated to continually investing in our employees which is why we offer more than just salaries; we provide comprehensive compensation packages that include a wide range of benefits. Here are some of the benefits you can look forward to: (delete as appropriate)

• Flexible work options - Our hybrid policy allows employees to work from home up to 3 times per week

• Health & Wellness support - Health and Life Insurance.

• Financial growth opportunities - Employees can become shareholders in Ledger as well as other financial benefits depending on your country of work.

• Commuter allowance - Ledger offers a commuter allowance to contribute to your preferred means of transportation.

• Learning & Development - A comprehensive suite of training solutions providing a personalised learning experience for every employee.

For regionally specific benefits, your Talent Acquisition contact will be able to provide you with more information.

We’re committed to building an inclusive hiring process. If you need any adjustments or accommodations, just let us know, we’ll do our best to support you.