Quarkslab is a French company specializing in information security R&D, consulting and software development. Our expertise is in combining offensive and defensive security to help organizations adopt a new security posture: Force the attackers, not the defender, to adapt constantly. Through our consulting services as well as our software we provide tailored solutions to organizations, helping them to protect their assets, sensitive data, and users against increasingly sophisticated attacks.
Quarkslab is an avid and active user of, and contributor to, Open Source Software and develops and maintains state-of-the-art security tools such as LIEF , QBDI, Triton, Irma, and several other projects.
We develop two commercial software products: QFlow, a platform to automate and orchestrate security analysis of files at scale, and QShield, advanced code and data protection software to disrupt code lifting, reverse engineering and tampering attacks.
The QShield team develops several protection solutions, for applications running on desktop, mobile or embedded devices - targeting code, data at rest, cryptographic algorithms, and attesting the legitimacy of the runtime environment and platform.
These tools run on different kinds of environments, including Linux, Windows, macOS, Android, and iOS, and architectures, such as x86_64 and arm for instance, and some of them rely on third-party components such as LLVM, a state-of-the-art open source C/C++ compiler. This job specifically focuses on the engineering of a collection of C++ tools and libraries that embed and use some common cryptographic algorithms and/or protocols, but also provide other broader features.
The challenge you will face will be to help develop and maintain the protection solutions while being regularly exposed to new, exotic, and interesting concepts, related to cryptography implementation and usage, in the context of projects related to secrets and runtime environment protection: secret keys management, the protection of data at rest, secure protocols and hardware secure elements usage, etc…
You will need to do some online research, and understand cryptographic standards, find and study existing protocols and implementations, and inform the rest of the team on what would be the sound choices/design in a given context. You will also participate in the implementation of customer-specific requirements and customer support.
If you like C++, technical challenges, you know a bit of cryptography, and you are curious about learning more, do not hesitate to contact us!
The skills or knowledge we think you should have:
But also, that would be nice if you knew: