Senior Software Engineer – Analysis at ForAllSecure – Remote (America or Europe)

The chance:

We are looking for exceptional candidates to join our Analysis Engineering team to work on and improve the analytics engine behind Mayhem, the core of our product responsible for discovering bugs and security vulnerabilities. To date, Mayhem has found vulnerabilities in open source projects, components in aircraft and automotive systems, and well-known embedded devices. This is just the beginning as we bring automation, usability, and scalability to Mayhem for today’s software security challenges.

At ForAllSecure, you will join a talented, ambitious engineering team that creates truly new technologies and products that change the way people see themselves and the world. If you are someone who is passionate about writing the future of software security, this is the place for you!

What you will do:

• Work on advanced technology designed to find vulnerabilities and shorten the cycle of identifying and fixing software bugs
• Collaborate with teammates, both locally and remotely, via pull requests, one-on-one conversations, Slack, etc.
• Develop new features, fix interesting bugs, write tests and review your teammates’ code
• Collaborate with support engineers and customers to improve the security and quality of software in their ecosystem
• Build expertise and responsibility for specific components of the Mayhem ecosystem

You are someone who:

• Demonstrates a passion for building innovative and easy-to-use tools for finding bugs, improving code quality and security, and enhancing the debugging experience
• Has a strong basic knowledge of computer science, demonstrated by a bachelor’s, master’s, or doctoral degree in computer science or a related discipline
• Has experience with system level programming in Linux
• Is proficient in Rust, Python and/or C/C++ development
• Has knowledge of general compiler concepts: types, code generation, register allocation, stack frames, inlining, and control flow graphs
• Has knowledge of binary execution formats, assembly, linkers and loaders
• Has knowledge of operating system concepts (memory management, process lifecycle, I/O, etc.)
• Has a background in vulnerability research or reverse engineering (preferred)
• Previous experience with program analysis technologies such as fuzzing and symbolic execution (preferred)
• Is familiar with modern exploitation techniques and mitigation/countermeasures (preferably)
• Experience with runtime analysis tools (such as Valgrind or LLVM sanitizers) (preferred)
• Has knowledge of OCaml, Haskell or other functional programming languages ​​(preferred)
• Familiar with containerization technology (Docker/OCI) (preferred)

Who we are:

Us hunger because success directs our actions. We have respect for everyone, respect that people have different opinions and strive to reduce unconscious bias. We are committed to accountability, transparency and responsible in our actions towards our customers and each other. We have a growth mindsetbelieve that challenges can be opportunities and ask ourselves what we can do 10% better every time.

We believe in a world where autonomous application security allows us to move faster and defeat attackers. We don’t believe the status quo works, because companies are developing software much faster than they can manually secure it. We’ve developed an autonomous appsec AI engine called Mayhem that automatically tests and finds new zero-day exploitable vulnerabilities before attackers can. Mayhem was tested in and won the DARPA (Defense Advanced Research Project Agency) Cyber ​​​​Grand Challenge, and was showcased at the US Smithsonian Museum. ForAllSecure is bringing Mayhem to the world as an enterprise sellable technology.

ForAllSecure customers include Roblox, Cloudflare, Motional, US CyberCommand, with applications ranging from securing online platforms used by millions to mission-critical systems. Fortune 1000 companies in aerospace, automotive, and high-tech partner with ForAllSecure for scalable, advanced security testing that keeps pace with increasing development speeds and deployment frequencies. Other awards include the 2021 SINET 16, the 2021 Global Infosec Award, and MIT Technology Review as one of the 50 Smartest Companies. We are backed by NEA and KDI, and just raised our Series B funding.

EEOC Statement

ForAllSecure is committed to the principle of equal employment opportunity for all employees and to providing a work environment free from discrimination and harassment to employees. We are committed to living our core values ​​of hunger, respect, responsibility and a growth mindset. All employment decisions are based on business needs, job requirements and individual qualifications, without regard to veteran status, military status, race, color, religion, sex, sexual orientation, gender identity, age, pregnancy (including childbirth, lactation and related medical conditions), national origin or ancestry, citizenship status, physical or mental disability, genetic information (including tests and characteristics) or any other status protected by federal, state or local laws. ForAllSecure’s commitment to equal employment opportunity applies to all individuals engaged in our operations and we prohibit unlawful discrimination by any employee.

This policy applies to all terms and conditions of employment, including recruitment, hiring, promotion, termination, leaves of absence, compensation and training.

E-Verify Employer (US Applicants)

ForAllSecure participates in E-Verify. For more information about E-Verify, click on the links below: