• Serás responsable de liderar la definición funcional y la evolución de productos digitales para un cliente del sector bancario • Actuarás como puente entre negocio y tecnología, asegurando que el equipo entregue valor continuo mediante una gestión clara del backlog, criterios de aceptación bien definidos y una visión alineada con objetivos del negocio, cumplimiento y experiencia del cliente • Levantar y traducir necesidades del negocio en épicas, features y user stories claras y accionables • Priorizar el backlog con foco en valor, riesgo, dependencias y cumplimiento normativo • Definir objetivos, roadmap y alcance por releases junto a stakeholders • Elaborar requerimientos funcionales (flujos, reglas de negocio, excepciones) y criterios de aceptación • Asegurar consistencia del producto: journeys, casos borde, reglas transaccionales, mensajes al usuario • Validar entregables con negocio (UAT), asegurar trazabilidad y apoyar al equipo QA • Facilitar workshops con áreas bancarias (canales, operaciones, riesgo, cumplimiento, tecnología) • Gestionar expectativas, dependencias y decisiones, comunicando avances y riesgos de forma oportuna • Participar activamente en ceremonias ágiles (refinamiento, planning, daily, review, retrospectiva) • Apoyar al equipo de desarrollo resolviendo dudas funcionales y manteniendo el alcance claro

• Play a critical role in maturing the security posture of our organization's endpoint infrastructure including the design, configuration, integration and deployment of enterprise security software and infrastructure • Deploy and maintain endpoint security platforms and processes including Anti-Virus, Anti Malware, Encryption, System Hardening, EDR, MDM, Web Content Management, DNS Security, Identity Solutions SIEM and Patch Management • Perform threat analysis, monitor security events for signs of security breaches and triage any suspicious behavior • Assist with the health, performance, stabilization and tuning of all Endpoint Infrastructure • Evaluate existing endpoint security solutions and participate in the design of strategies to enhance protection against emerging threats • Partner with senior engineers on the research and analysis of emerging technologies that enhance security capabilities and support current and future business objectives • Participate and contribute on enterprise technology evaluations and roadmap discussions with third party vendors • Assess existing security technologies to establish opportunities for improved endpoint protection controls • Ensure security solutions, policies and procedures are sufficient to meet and respond to threats to our data and endpoint infrastructure • Recommend and provide technical support processes, metrics, and SLAs • Maintain and enforce endpoint security policies and standards in alignment with corporate Governance, Security-Risk and Audit policies, procedures, industry regulation, best practices, and security frameworks (e.g., ISO 27001, NIST, CIS) • Support and document the implementation of approved endpoint security software and infrastructure components • Oversee projects from inception to closure ensuring completion according to business requirements and stakeholder standards • Perform continuous mentorship and development of junior staff members • Be a point of contact for escalation and engagement • Participate in the development of technical documentation, policies, and procedures for endpoint security application use and support • Communicate technical standards to Information Technology teams and junior team members • Regular attendance in conformance with standards; attend required meetings and trainings • May be required to work varying schedules to reflect business needs • Demonstrate a proactive approach towards work activities • Manage multiple projects to timely, successful completion • Perform other duties as assigned.

• Help develop and maintain engineering and data security policies and standards • Contribute to security awareness efforts across the organization • Support Engineering and Business teams in applying secure engineering practices • Assist with application security reviews and participate in security discussions • Learn how to integrate security into each stage of the software development lifecycle • Assist in configuring and analyzing security tools across cloud and on‑prem environments • Support security testing, vulnerability analysis, and documentation • Participate in an on‑call rotation with guidance and mentorship • Help develop incident response procedures and learn recovery strategies

Who We Are Founded in 2012 by 3 expert hackers with no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest and most challenging risks. It has helped secure some of the world's most targeted organizations and devices. Our combination of novel research with practical solutions reduces the security risks that our clients face from emerging technologies. Our work helps drive the security industry and the public understanding of the technology underlying our world. Cybersecurity preparedness is a moving target. Companies like ours are the tip of the spear in the fight against attackers. Our research-based and custom-engineering approach ensures that our client’s capabilities are at the forefront of what’s available. For companies and technologies that live and die by their security, a proactive, tailored approach is required to keep one step ahead of attackers. Democratizing security information is essential. As part of our business, we provide ongoing informational support through blogs, whitepapers, newsletters, meetups, and open-source tools. The more the community understands security, the more they’ll understand why a company like ours is so unique and valuable. Role This role is for a security-focused software engineer who will design, build, and enhance security tools and frameworks across various contexts. You'll work on projects ranging from compiler-based security tools to AI/ML security frameworks, contributing to software that makes a real difference in the security landscape. You'll work on diverse projects and technologies, developing your expertise across multiple domains while building practical tools to solve security problems. You'll collaborate with researchers, security experts, and clients to understand complex security challenges and implement effective solutions. Software development will primarily involve Rust, C++, and Python, with occasional work in Go and Java. The role involves maintaining existing projects and creating novel solutions to emerging security challenges. You will typically work in teams of 2–4 people, all from remote locations. Technical leads guide the team’s work, collaborating with you and other members to define responsibilities based on project needs, individual strengths, and team input. Frequent communication with team members and clients is essential to success, and writing about your work publicly is encouraged and incentivized. We welcome applications from experienced professionals and talented recent graduates with relevant skills and interests. What You'll Achieve Security Tool Development: Design and implement security-focused software tools and frameworks Open Source Contribution: Contribute to open-source security projects and develop internal tools Security Solution Architecture: Analyze complex security challenges and develop practical, deployable solutions Full-Stack Security Understanding: Understand security implications across the stack, from low-level systems to application frameworks Secure Implementation: Implement secure CI/CD pipelines and integration with GitHub Actions AI/ML Security Research: Contribute to AI/ML security research and tooling Security Code Review: Evaluate and improve the security of existing software through code review and enhancement Technical Communication: Communicate technical concepts effectively to team members, clients, and the broader security community Technical Troubleshooting: Root-cause analysis and debugging on low-level technical issues Project Management: Interpret requirements, decompose tasks, and make engineering estimates What You'll Bring Strong software development skills with experience in: Rust, C++, and/or Python. Occasionally, Go or Java knowledge is necessary Knowledge of AI/ML systems and associated security challenges Familiarity with AI development tools like Claude Code, Cursor, and others Experience with secure development practices and building secure software Demonstrated ability to quickly learn new programming languages, frameworks, and technologies Understanding of computer security principles and common vulnerability classes Ability to work independently and as part of a remote team Strong written and verbal communication skills Familiarity with GitHub, CI/CD pipelines, and automated testing Preferred Qualifications Prior contributions to open-source security tools or frameworks Experience developing commercial-grade software used by the public Understanding of low-level systems, including memory management and operating system internals Experience with compiler technology, program analysis, or binary analysis Participation in CTF competitions or other security challenges Experience with multiple programming languages and paradigms Experience in reading, writing, and publishing academic papers Experience in public speaking (Preferred qualifications are nice to have, but not required. Please apply even if you don’t meet all of these!) The US base salary for this full-time position ranges from 150,000 to 200,000, excluding benefits and potential bonuses. Various factors influence our salary ranges, including the specific role, level of seniority, geographic location, and the nature of the employment contract. An individual's specific work location, unique skills, experience, and relevant educational background will determine the final offer within this range. The presented salary range encompasses the starting salaries for all U.S. locations. For a precise salary estimate tailored to your preferred location, please discuss it with your recruiter during the hiring process. Trail of Bits, Inc. participates in E-Verify, the US federal electronic employment eligibility verification program. Learn more. When you apply, you'll be added to our newsletter so you can stay updated on company news and opportunities. You can opt out anytime. Benefits Benefits, Perks & Wellness Trail of Bits is our people, not a place. With over 100+ employees working from every time zone across the globe, our remote-first culture is built on autonomy and trust (and backed by smile-worthy benefits) for full-time employees: Empowered Living: Competitive salary complemented by performance-based bonuses. Fully company-paid insurance packages, including health, dental, vision, disability, and life. A solid 401(k) plan with a 5% match of your base salary. 20 days of paid vacation with flexibility for more, adhering to jurisdictional regulations. Nurturing New Beginnings: 4 months of parental leave to cherish the arrival of new family members. Our team is global and remote-first. However, if you are interested in moving to NYC, we offer $10,000 in relocation assistance to support your transition. Work & Life Enrichment: $1,000 Working-from-Home stipend to create a comfortable and productive home office. Annual $750 Learning & Development stipend for continuous personal and professional growth. Company-sponsored all-team celebrations, including travel and accommodation, to foster community and recognize achievements. Community Impact: Philanthropic contribution matching up to $2,000 annually.