Apply now

Product Security Engineer - Post-Quantum Cryptography focus

Hybrid

Budapest, HU

Shape the future of digital collaboration and security

At Tresorit, we believe that secure collaboration is a key strategic factor for companies and organizations. Our platform enables individual teams, departments and companies to work efficiently with others - whether collaborating with colleagues, customers or partners.

As pioneers in data protection and security technology, we solve current digital challenges. Our solutions enable seamless, secure collaboration with end-to-end encryption. In doing so, we protect our customers' data and comply with regulations such as GDPR, HIPAA and NIS2. Our platform offers encrypted file sharing, digital signatures and secure emails.

All of this works without compromising on usability. Our platform is certified to the highest standards and used by over 30,000 customers worldwide. We enable companies to manage sensitive information securely and work more productively - without compromising on data protection and security.

We are proud to be an equal opportunities employer. We value fresh perspectives and exchange across team boundaries. To this end, we are looking for talented individuals who bring creativity, innovation and passion to their work. Whether you are just starting out or an experienced professional, you will find opportunities for further development with us. Work with us on solutions for a secure digital future!

About Tresorit:

 

We believe that professionals in all organizations should have a secure and easy way to collaborate with their sensitive and confidential information.

 

We provide a platform for departments, teams, and solo entrepreneurs, equipping them with secure solutions to engage efficiently with their coworkers, customers, and other organizations.

 

 

About the Product Security Team:

 

We, the Product Security Team, empower our product development teams with a secure, continuously improving ecosystem that enforces and strengthens software security at every stage of the development lifecycle and are committed to keep Tresorit products secure and our customers’ data safe.

 

We are driven by meaningful, creative challenges that allow for deep immersion, whether they’re high-level or more granular.

 

 

About the role:

 

We are looking for a Product Security Engineer whose primary objective is cryptography modeling and refining Tresorit’s end-to-end encrypted architecture, and especially taking part in Tresorit’s already ongoing post-quantum cryptography migration across the product stack. You will also have the opportunity to work across platforms, including frontend, backend, and native code, CI/CD pipelines, and other aspects of our software development lifecycle.

 

You will work with a broad array of innovation challenges. As a new member of a small, agile team, you will be working with other team members to improve the product development lifecycle primarily by maintaining and enhancing our cryptographic SDK’s security posture and related infrastructure across the value delivery chain.

 

Sometimes you will support the work of product engineering teams for the ultimate goal of designing, building, and improving end-to-end encrypted, easy-to-use commercial cloud products and services that are derived from an understanding of the business, its actors, and the technology blocks. Sometimes, you will also take part in developing directly user-facing product features.

 

 

Responsibilities:

 

  • Taking part in continuously improving our software development lifecycle from a security perspective by introducing, maintaining, and refining custom-built or off-the-shelf cryptographic models, primitives, tools, processes, and algorithms, as well as making sure that all new products and features are in line with out security objectives and promises,
  • Reviewing our products’ source code and infrastructure for vulnerabilities, misconfigurations; keeping up-to-date with the latest security trends,
  • Taking part in the planning of new product features to make sure that they are secure both from the perspective of the customers and our backend infrastructure,
  • Consulting other development teams to evaluate and mitigate various risks; handling external vulnerability reports,
  • Developing and maintaining tools which continuously scan our source code, our services and local and remote infrastructure for vulnerabilities and automating various (e.g., remediation) tasks,
  • Training our engineers in security best practices and giving insights to other teams regarding security-related topics (including e.g., writing blog post content which directly reaches our customers).

 

 

Desired qualifications and skills:

 

  • 3 or more years of experience working in software development,
  • Experience and passion for information security,
  • Knowledge in applied cryptography (e.g., cryptographic primitives, PKI), using crypto libraries (e.g., Web Crypto API, OpenSSL, Bouncy Castle),
  • Knowledge of or willingness to work with some of the following programming languages and related technologies: C++ / TypeScript / WebAssembly / .NET,
  • Ability to understand abstract security models and translate them into working software (and vice versa),
  • Good written and verbal communication skills in English,
  • Fast-learner and self-motivated attitude,
  • Ability to work both in a team and independently by taking ownership of problems and planning their solutions.

 

 

It is an advantage if you have:

 

  • Experience with post-quantum cryptography,
  • Experience with cloud services, especially Microsoft Azure,
  • Experience with the following tools: Git, Jenkins, Azure DevOps
  • Experience in developing and maintaining security-related tooling,
  • Experience with static code analysis, fuzzing, reverse engineering,
  • Experience with front-end development (Angular and/or React with TypeScript),
  • Contributions in active open-source projects.

 

 

What we offer:

 

Competitive base salary with a wide range of extra benefits, like:

    • Cafeteria-system,
    • annual bonus,
    • private health insurance plan,
    • gym subsidies,
    • free mobile subscription,
    • learning and self-development opportunities,
    • flexible working hours & hybrid working conditions,
    • paid parental leave,
    • in-office snacks & beverages,
    • team building days.

 

 

How to apply:

 

Get started by clicking "Apply now" and attaching your resume for consideration. We encourage you to apply even if you believe you do not meet every single qualification. Many excellent candidates do not check every box, and that is okay. We are happy to recognize the potential in motivated people, and work in an environment where we can grow and learn together.

Apply now