Trail of Bits
Deepening the Science of Security
Remote
Remote

Senior Vulnerability Researcher, Research

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
About Trail of Bits
Trail of Bits serves clients in the defense, tech, finance, and blockchain industries. We help with their most difficult security challenges by designing and building new technology, researching new techniques to advance the state of practice, and reviewing the security of the latest available technology products before they hit the market.

Role
Our research team is looking for self-motivated teammates interested in exploring low-level technologies. We focus on discovering vulnerabilities, traversing security boundaries, and executing arbitrary code. You are expected to be at the forefront of security: researching, discovering and exploiting vulnerabilities in complex systems with millions of lines of code and the most advanced modern mitigations. Our team is fully remote, with a strong culture of teamwork and an interest in difficult projects. We often work in small fluid teams of 2-3 people, and encourage all researchers to learn from and contribute their expertise to all ongoing projects. We encourage moving between projects so as to develop and grow our internal expertise. We value creativity and deep understanding of software. Solid engineering skills are required for developing custom tooling to assist in your work. We encourage frequent communication between team members as it is essential to our success.

Responsibilities

  • Discover software vulnerabilities in complex code bases
  • Research exploitation and security mitigation bypass techniques
  • Reverse engineer software using IDA Pro and HexRays decompiler
  • Navigate and understand large source code codebases
  • Fully understand systems and identify trust/security boundaries and attack surfaces
  • Write detailed technical documentation
  • Develop custom tools to assist in your work
  • Proficiency working both independently and within a team

Requirements

  • Demonstrated successes in the discovery of software vulnerabilities
  • Focus on achieving the highest possible reliability
  • Detailed understanding of how computers work
  • Experience using IDA and HexRays
  • Familiarity with compiler internals
  • Familiarity with operating system architecture
  • Have an open mind and learning mindset
  • Proficient in C and C++
  • Proficient in Python
  • Proficient in X86-64 and ARM64
  • Experience with IDA Pro scripting and plugin development (HexRays a plus)
  • Desire to learn both new and old technologies
  • Desire to develop solutions as good as they can possibly be
  • Ability to communicate and document how complex systems work
  • Ability to stay motivated and focused while solving challenging problems

Company Perks

  • Flexible workforce with most team members choosing to work from home. We encourage you to harness your personal working style to let you work best.
  • Liberal expense policy for acquiring equipment and software that helps you do your job. If we need anything to work effectively, we buy it.
  • Realistic research tempo and expectations when working on challenging problems. Work-life balance that encourages long-term success.
  • Helpful IDA plugins
  • Exceptional employee benefits


See More
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • C++Languages
    • GolangLanguages
    • KotlinLanguages
    • PythonLanguages
    • SwiftLanguages
    • CLanguages
    • HaskellLanguages
    • ReactLibraries
    • LLVMFrameworks
    • RocksDBDatabases
    • SQLiteDatabases
    • Google AnalyticsAnalytics
    • InVisionDesign
    • TrelloManagement
    • WordpressCMS
    • WebFlowCMS
    • PipedriveCRM
    • MailChimpEmail
Previous
Next

What are Trail of Bits Perks + Benefits

Trail of Bits Benefits Overview

Our payroll, healthcare, and other HR benefits are delivered through JustWorks. Employees have a choice between 4 healthcare plans, 2 vision plans, and 2 dental plans, each of which are covered 100% or have only modest costs associated with them.

Our benefits package also includes:
- Short and long term disability insurance and life insurance
- A Flexible Spending Account (FSA) for pre-tax healthcare expenses
- Commuter benefits for pre-tax subway cards, parking, and bicycle rentals (applicable to those in NYC)
- Access to healthcare services from One Medical, Teladoc, and Health Advocate
- Gynecology and fertility care through Kindbody
- A 401(k) delivered through Betterment with 5% company matching
- Carbon offsets for all corporate travel through Project Wren

Culture
Friends outside of work
Eat lunch together
Daily sync
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Diversity
Unconscious bias training
We work with LifeLabs once per year to deliver an unconscious bias and behaviors of inclusion training to our employees.
Hiring Practices that Promote Diversity
Inclusive language in job postings, prioritize under-represented groups in our hiring pipeline, work with specialized recruiters, avoid whiteboard coding during interviews.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Trail of Bits employees can contribute up to $2750 annually to their FSA.
Disability Insurance
Short-term Disability insurance covers 60% of weekly salary up to $1,000 weekly maximum payout. Long-term Disability insurance covers 60% of monthly salary up to $5,000 monthly maximum payout.
Dental Benefits
Choose between premium MetLife or Aetna PPO+ dental plans, at no cost to the employee.
Vision Benefits
Choose between premium MetLife or Aetna Vision+ plans, at no cost to the employee.
Health Insurance Benefits
Trail of Bits health insurance policy covers up to 100% of out of pocket expenses. All health insurance plans include access to HealthAdvocate, OneMedical on-demand primary care, and Teladoc.
Life Insurance
All full time employees receive $50,000 in Life Insurance and $50,000 in AD&D Insurance at no cost to the employee
Wellness Programs
Full time employees in qualifying locations have access to fitness club discounts, a gym membership stipend, ClassPass, and bike share membership.
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Trail of Bits provides employees with a 401(k) matching plan managed by Betterment. We match 5% of employee's annual gross pay.
Performance Bonus
Match charitable contributions
Trail of Bits will match $2000 of charitable donations per year.
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
We maintain a flexible work schedule that cares more about results than time in the office.
Remote Work Program
Family Medical Leave
Vacation & Time Off Benefits
Generous PTO
Trail of Bits employees receive 20 days per year of paid time off.
Paid Holidays
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Relocation Assistance
Fitness Subsidies
Home Office Stipend for Remote Employees
Professional Development Benefits
Job Training & Conferences
Lunch and learns
We regularly host team reviews of new academic research publications.
Cross functional training encouraged
Promote from within
Time allotted for learning
Learning is a continuous activity at Trail of Bits, and employees are bonused for completing online classes, frequently collaborate in study groups, and meet to discuss recent academic papers.

An Insider's view of Trail of Bits

What’s the vibe like in the office?

Our offices are very easy going. Since half our employees are remote, we’re a remote-first company that just happens to have 20 people working in NYC. This gives us the benefit of a flexible remote culture but also have a place to get away from home and socialize with coworkers without rigid hours.

Ryan

Principal Security Engineer

How do you collaborate with other teams in the company?

Half of Trail of Bits is remote, so online collaboration and communication keeps us running. We make heavy use of Slack, Google Docs, Github, Trello, and video calls. Each project has its own Github repository and Slack channel, where most project communication occurs. A weekly video call provides high-level updates to the whole company.

Artem

Principal Security Engineer

What makes someone successful on your team?

My coworkers generally have deep knowledge in a technical area such as systems engineering, software vulnerabilities, cryptography, or something else and many are organized, good at communicating, and work well with a team. To be successful on the team I think it is best to be open minded, willing to learn new things, and easy to work with.

Sam

Senior Security Engineer

How would you describe the company’s work-life balance?

Trail of Bits makes it really easy for each of us to create the work-life balance that works for us as individuals. There is a lot of flexibility around when and where we work, and our tools and workflows make collaboration easy in a variety of settings.

Amelia

Director of Operations

More Jobs at Trail of Bits