Cryptography R&D Security Engineer

Cryptobedded · Paris, Rennes or Remote
Department Cryptobedded
Employment Type CDI
Minimum Experience Entry-level

Job Title: Cryptography R&D Security Engineer
Location: Paris, Rennes or Remote

Job Description

You believe crypto means cryptography? This job might be for you.

Within the QLab, you will participate in the expansion of our activities related to cryptography, which is at the core of Quarkslab's expertise. Quarkslab's interest for cryptography is broad, from modern cryptography to real-world applications and implementations. As a cryptography engineer, you will be consulted and involved in new products conception and new usages (i.e., PQC) defined by our clients.

While cryptography related audits could be different from one to another, the common core remains the same. We start by discussing with the clients to understand their needs and define the action plan. Following a technical kick-off, the next steps are to discover the product and interact with non-crypto engineers, for example, to check how protocols and algorithms have been chosen and how they are implemented, if the random generator is cryptographically sound, and if relevant, propose adaptations or different designs in order to adequately protect the goods handled by the product.

At Quarkslab, cryptographic engineers are also a resource to others, and help them to solve issues. Therefore, we are looking for profiles that can understand problems quicky, make others explain their struggles with more details, and explain crypto concepts to colleagues using plain words.

Being brought to interact with other experts, you will thus have the possibility to learn new skills from other Quarkslab engineers such as fuzzing, obfuscation or smartphones technologies. Learning and growing is fundamental to Quarkslab, that's why we propose internal trainings covering a wide range of topics.

We are looking for a curious person interested in taking up new challenges and investigating novel and well-known subjects related to theoretical and practical cryptography.
At Quarkslab, we enjoy performing research to smooth our audit activities, get better results as well as writing tools to facilitate our work. Within this role, you will have the opportunity to work on R&D projects in which you will step up and define new methodologies and proof-of-concepts to facilitate cryptography vulnerability research, and to share your knowledge in conferences and internally.

Having an academic background is not mandatory but strongly encouraged as we are looking for someone able to dig into academic articles, quickly sort out relevant and broken ideas, and keep the Quarkslab cryptography community alive by sharing ideas through internal presentations and welcoming external guests.

Still interested? Both junior and senior profiles qualify for this job offer so don't be frightened to apply!

Your responsibilities include:

  • Follow-up on the cryptography eco-system evolution based on your past knowledge and expertise, including known standards and guidelines
  • Propose and carry R&D work/topics
  • Share knowledge internally and externally, throughout Quarkslab's blogpost, internal presentations, trainings or conferences
  • Perform private security audit and consulting
  • Define, build, and carry internal trainings on cryptography
  • Help QLab's offer definition and presales

You are autonomous, eager for team-work, enthusiastic about sharing your knowledge, and you have experience in the following areas:

  • Symmetric and asymmetric cryptography
  • Post-quantum schemes
  • Knowledge of real-world protocols
  • Ability to understand most common programming languages (e.g., C, C++, JavaScript, Python)
  • General mathematical knowledge
  • Excellent writing skills
  • Ideally, knowledge of existing cryptographic security guidelines (e.g., "Guide des mécanismes cryptographiques" from ANSSI)
  • Ideally, white-box cryptography attacks and design
  • You are fluent in English.

About Quarkslab

Quarkslab is a French company specializing in information security R&D, consulting and software development. Our expertise is in combining offensive and defensive security to help organizations adopt a new security posture: Force the attackers, not the defender, to adapt constantly. Through our consulting services as well as our software we provide tailored solutions to organizations, helping them to protect their assets, sensitive data, and users against increasingly sophisticated attacks.

Quarkslab is an avid and active user of, and contributor to, Open Source Software and develops and maintains state-of-the-art security tools such as LIEF , QBDI, Triton, Irma, and several other projects.

We develop two commercial software products: QFlow, a platform to automate and orchestrate security analysis of files at scale, and QShield, advanced code and data protection software to disrupt code lifting, reverse engineering and tampering attacks.

About the Lab

Within Quarkslab, the Lab, composed of 38 engineers, carries out projects, internal or external, around the following themes:

  • Reverse engineering: understanding how a program works without having the source code;
  • Cryptography: analyzing or designing cryptography in applications to increase security properties;
  • Vulnerability research: evaluate the robustness of a target, identify vulnerabilities and develop exploits;
  • Hardware and software security: working on smart card-based systems, designing software and hardware architectures and testing their security level.

These projects are conducted in different technical environments, from general public operating systems to dedicated SOCs and hardware. We focus on the internal mechanisms of these systems with specific tools (see our public tools such as Triton, LIEF or QBDI). They are developed for our customers (software editors, industry, large accounts, administration), and in the framework of internal R&D projects.

Why work at Quarkslab?

Work with an amazing team, eager to learn and play with new approaches and technologies, mixing various skills (security, compilation, program analysis, reverse engineering, software engineering). International environment with offices in Paris and Buenos Aires (team croissants vs. team asado), representations in Tokyo and Singapore.

  • Attend conferences in your field, learn from many internal events (weekly conference, trainings, research activities).
  • Contribute and support Open Source Software: Our own tools and other people’s projects.
  • Flexible work hours, work from home.
  • Premium health insurance.

Recruitment Process:

  1. Call with our Talent Acquisition Manager
  2. Call with Hiring Manager
  3. Resolution of a technical challenge
  4. Technical interview in our Paris / Rennes offices or via video conference
  5. HR debriefing and job offer

Quarkslab is proud to be an equal opportunity employer in the workplace. We are committed to equal employment opportunity regardless of ethnicity, color, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability or gender identity. If you have a disability or special needs that require certain accommodations, please let us know and we will be happy to consider them.

Thank You

Your application was submitted successfully.

  • Location
    Paris, Rennes or Remote
  • Department
  • Employment Type
  • Minimum Experience