About the company
Founded in Paris in 2014, LEDGER is a global platform for digital assets and Web3. Ledger is already the world leader in Critical Digital Asset security and utility. With more than 6M devices sold to consumers in 200 countries and 10+ languages, 100+ financial institutions and brands as customers, 20% of the world’s crypto assets are secured, plus services supporting trading, buying, spending, earning, and NFTs. LEDGER’s products include: Ledger Stax, Nano S Plus, Nano X hardware wallets, LEDGER Live companion app, [ LEDGER ] Market, the world’s first secure-minting and first-sale distribution platform, and Ledger Enterprise. With its ease of use, LEDGER allows a user to begin investing in digital assets and ultimately, achieve financial freedom in a safe and stress-free environment.
Job Summary
Your mission
📍Define, document and promote secure software development practices across Ledger’s engineering teams. 📍Build and maintain security tooling to support automated analysis, vulnerability detection, and enforcement of secure coding standards. 📍Drive the adoption of security checks and controls in the CI/CD pipeline (e.g. linters, SAST, dependency scanning). 📍Own and improve our quorum-based release security process, ensuring that only reviewed, signed, and approved builds can be released to production. 📍Provide guidance and support to developers on secure design and implementation decisions. 📍Contribute to the definition and implementation of internal security standards, guidelines, and checklists. 📍Partner with the Product Security, Donjon, and Software teams to ensure security is a shared responsibility throughout the SDLC. 📍Monitor industry trends and adapt internal practices to evolving threats and technologies. 📍Help ensure compliance with internal and external security requirements (e.g. certifications, audits).
What we’re looking for
đź“Ť Strong experience with secure software development processes and practices (e.g. threat modeling, secure coding, security testing). đź“ŤPractical experience implementing and managing security tooling in a CI/CD environment. đź“ŤExperience writing or maintaining security-related documentation and standards. đź“ŤFamiliarity with modern software delivery practices (e.g. GitOps, infrastructure as code). đź“Ť A pragmatic mindset focused on enabling developers rather than blocking them. đź“ŤPrior experience working with or managing secure release models is a plus. đź“ŤGood understanding of risk assessment and software architecture security.
The crypto industry is evolving rapidly, offering new opportunities in blockchain, web3, and remote crypto roles — don’t miss your chance to be part of it.
