View job here

We are looking for a Senior Software Security Analyst & Engineer to join our team.

The Senior Software Security Analyst & Engineer performs security research, analysis and engineering as part of the Least Authority Security Consulting team. The role responsibilities include:

  • Security analysis of system design and specification 
  • Manual code review and implementation security analysis
  • Documentation of findings, including providing recommendations to prevent and/or safeguard against security vulnerabilities
  • Working collaboratively with fellow security researchers to achieve project team objectives
  • Communicating effectively within the team, and externally with Security Consulting clients

Expert knowledge of one or more languages, including, but not limited to, Rust, Go, C(++), Circom, zokrates, Solidity, Javascript, and Clarity is required, along with familiarity with latest security best practices and current knowledge of the latest advancements in related fields.

In addition, the role requires expert knowledge of theoretical cryptography and implementation and/or expert knowledge in distributed systems and consensus mechanism analysis.  

We work with a variety of ecosystems, including, but not limited to, Ethereum, Polygon, Mina, Stacks, Cosmos, and Substrate.

About Least Authority

Least Authority is committed to building and supporting the development of usable technology solutions and ethical business practices to advance digital security and preserve privacy as a fundamental human right.

As part of our business, we provide security consulting services to help others make their solutions more secure. We support teams from the design phase through the production launch and after through a variety of security consulting services.

Additionally, we develop usable products that advance digital security and protect the privacy of users and contribute to various communities to promote the use of secure systems and privacy-protecting technology.

Why join Least Authority?

  • We are a remote first company,  headquartered in Berlin;
  • Our team provides flexible working arrangements;
  • We offer continuous learning  opportunities;
  • We operate based on ethical business practices;
  • We are a mission-driven company;
  • We value Diversity & Inclusion; and
  • We can legally employ our team members from remote and support with relocation to Germany.

Position responsibilities: 

  • Conduct research on software and related technology to look for security issues, with a focus on critical vulnerabilities as known through industry best practices;
  • Analyze technical designs documentation and specifications for potential security issues, vulnerabilities and other flaws;
  • Perform manual code reviews and investigate for potential security issues in code repositories and codebases, along with related code comments, tests and dependencies;
  • Analyze and propose potential mitigation and remediation strategies for security issues found;
  • Communicate with team members specific security issues and general findings found during research activities;
  • Design new approaches to security issues in code and systems;
  • Develop potential solutions, including but not limited to producing documentation, code and other helpful artifacts; 
  • Engineer systems, tools and products, to help with the security of data in transit and at rest, including privacy enhancing technologies; 
  • Develop preventative approaches to help avoid security issues; 
  • Actively participate in project report preparation activities;
  • Provide these research and engineering activities for both consulting engagements and internal projects;
  • Work cross-functionally to meet project deadlines and goals;
  • Participate in team efforts, including meetings, to facilitate collaboration towards shared project and Company goals;
  • Possess and share knowledge as it relates to current security best practices and industry advancements; and 
  • Anything else as mutually agreed.

Learn more about our security consulting work by browsing our published reports.