Senior Security Engineer SDLC
We're making the world of digital assets accessible and secure for everyone. Join the mission. Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 20% of the world’s crypto assets are secured through our Ledger Nanos.
Headquartered in Paris and Vierzon, with offices in UK, US, Switzerland and Singapore, Ledger has a team of more than 900 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 6 millions units already sold in 200 countries.
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Hear from our employees how they shape the work we do here.
You will be part of our Security team and your responsibility will be to define and promote secure software development best practices across our engineering team and help ensure compliance with internal and external security standards and requirements.
Your mission
● Define, document and promote secure software development practices across Ledger’s engineering teams.
● Build and maintain security tooling to support automated analysis, vulnerability detection, and enforcement of secure coding standards.
● Drive the adoption of security checks and controls in the CI/CD pipeline (e.g. linters, SAST, dependency scanning).
● Own and improve our quorum-based release security process, ensuring that only reviewed, signed, and approved builds can be released to production.
● Provide guidance and support to developers on secure design and implementation decisions.
● Contribute to the definition and implementation of internal security standards, guidelines, and checklists.
● Partner with the Product Security, Donjon, and Software teams to ensure security is a shared responsibility throughout the SDLC.
● Monitor industry trends and adapt internal practices to evolving threats and technologies.
● Help ensure compliance with internal and external security requirements (e.g. certifications, audits).
What we’re looking for
● Strong experience with secure software development processes and practices (e.g. threat modeling, secure coding, security testing). ● Practical experience implementing and managing security tooling in a CI/CD environment.
● Experience writing or maintaining security-related documentation and standards.
● Familiarity with modern software delivery practices (e.g. GitOps, infrastructure as code).
● A pragmatic mindset focused on enabling developers rather than blocking them.
● Prior experience working with or managing secure release models is a plus.
● Good understanding of risk assessment and software architecture security.
Technical Skills
● Proficiency in scripting and automation (Python, Bash, etc).
● Familiarity with code analysis tools (linters, SAST, dependency scanners like Snyk or Trivy).
● Understanding of common software vulnerabilities (e.g. OWASP Top 10) and how to prevent them.
● Experience with GitHub workflow and build systems.
● Knowledge of secure release workflows (signing, approvals, reproducible builds).
● Experience in C, Rust, Scala, or embedded environments is a plus.
● Basic knowledge of cryptography and secure communications protocols is a plus.
What’s in it for you?
● Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow.
● Flexibility: A hybrid work policy.
● Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks.
● Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage.
● Well-being: Personal development, coaching & fitness with our dedicated partners.
● Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
● High tech: Access to high performance office equipment and gadgets, including Apple products.
● Transport: Ledger reimburses part of your preferred means of transportation.
● Discounts: Employee discount on all our products.
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
At Ledger, we're on a thrilling mission to make digital assets accessible and secure for everyone. As a Senior Security Engineer specializing in the Software Development Life Cycle (SDLC), you will play a pivotal role in shaping the security landscape at our company. Founded in 2014, Ledger is recognized as the global leader in the crypto space, securing over 20% of the world’s crypto assets with our innovative Ledger Nanos. Based in the tech-savvy hub of Paris, you’ll be part of a diverse team of over 900 professionals committed to developing state-of-the-art products that empower individuals and enterprises to manage their crypto securely. In this role, you'll define and promote secure software development best practices, drive security checks within our CI/CD pipeline, and foster a culture of security across our engineering teams. You’ll also have the opportunity to lead efforts in security tooling, automate vulnerability detection, and ensure compliance with both internal and external security standards. By collaborating closely with various teams, you'll help us enhance the trust and transparency that are core to Ledger's values. If you're passionate about molding a secure digital future and enhancing the security of software development practices, we can’t wait for you to join us on this journey!
Lead cross-functional teams in delivering impactful products at Ledger, a global digital assets platform, as their next Senior Project Manager.
Join Ledger as an Associate Product Manager and help shape the future of digital assets within a dynamic and international team.
Join Splice as a Senior Engineering Manager and lead a team in driving innovation for a top-tier music creation platform.
As a Principal Engineer - Civil at Avangrid, you'll oversee major infrastructure projects while mentoring engineering talent and ensuring compliance with industry standards.
Join International Vitamin Corporation as a Manufacturing Engineer II, focusing on process control and automation improvements in a dynamic manufacturing environment.
We are looking for an experienced Network and Enterprise Architecture Engineer to support the MQ-9 Pred/Reaper UAS at Serco, based at Wright Patterson AFB.
Insomnia Cookies is on the lookout for a hands-on Director of Engineering to elevate their web and mobile applications while managing a talented engineering team.
AECOM is looking for a motivated Junior Geotechnical Engineer to support key mining and civil infrastructure projects remotely from Phoenix, AZ.
We are looking for a Systems Methods and Tools Functional Architect to join Airbus and contribute to innovative aircraft design solutions.
Visa seeks an experienced Staff DevOps Engineer who thrives on solving complex challenges and enhancing software development processes.
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 15% of the world’s crypto assets are secured through Ledger Nanos. Headquartered in Paris and Vierzon, with offices in London, New York and Singapore, Ledger has a te...
99 jobs
Subscribe to Rise newsletter
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
Sign up for our weekly
newsletter of fresh jobs
