Solve the hardest problems in security with us
We take on some of the hardest security problems in the field, from securing AI systems and blockchains to auditing the cryptography and infrastructure that millions of people rely on every day.
Our culture rewards curiosity, deep technical work, and visible public output. Engineers ship open-source tools, present at conferences, publish research, and learn from one of the most concentrated benches of security expertise anywhere.
Careers at a glance
Open roles
9
Roles open across assurance, research and engineering, and operations.
US remote
100%
A distributed team with overlapping core hours.
Application review
5–7 days
Business days from submission to first response.
PTO
4 weeks
Plus 15 company holidays and 4 months of parental leave.
Open positions
View All| Title | Location | Apply |
|---|---|---|
| Assurance · 4 | ||
| Engineering Director, Application Security | US Apply | Apply |
| Security Engineer, Application Security | US Apply | Apply |
| Security Engineer, Blockchain | US Apply | Apply |
| Senior Security Engineer, Agentic AI | US Apply | Apply |
| Research & Engineering · 1 | ||
| Security Engineer, Research & Engineering | US Apply | Apply |
| Operations · 1 | ||
| AI Systems Engineer | New York, NY Apply | Apply |
| Go-To-Market · 2 | ||
| Project Manager, Client Services | US Apply | Apply |
| Technical Marketing Manager, AppSec, Research and AI Security | US Apply | Apply |
Open application
Apply to our Talent Pipeline
For strong candidates whose role isn't posted yet.
8 open roles · Sourced from apply.workable.com/trailofbits
Hiring process
Four stages
From application to offer in about three weeks.
Every candidate sees the same four stages. Each one is scoped to the role and weighted toward real work over rehearsed answers.
-
Preliminary screen
30 minA conversation with a senior technical recruiter about the role, your background, and what you want next. No technical questions yet.
-
Technical screening
60 minA discussion with an engineer or hiring manager in your area of expertise. Expect role-specific technical questions, and a chance to ask your own.
-
Technical assessment
3–7 daysA take-home benchmarked to about two hours of work. Engineering roles get a code challenge focused on finding and analyzing security vulnerabilities; other roles get a scenario relevant to the position, like a sourcing strategy or a launch plan. A strong work sample you already have can stand in.
-
Final panel interview
90 min – 2 hrMeet several members of the team you would join. The conversation covers your assessment, your past work, how you collaborate, and how you would fit day to day. About a fifth of it is reserved for your questions.
All interviews are on Google Meet. Application review takes 5 to 7 business days, and we make a final decision within five business days of the last interview. Accommodations available on request.
Benefits
Health coverage with no premiums
-
Health insurance with no monthly premiums
-
Vision, dental, life, and disability coverage
-
Kindbody: gynecology and fertility care
-
HealthAdvocate, Teladoc, and OneMedical access
Pay benchmarked to market
-
401(k) with 5% company match
-
Competitive salaries benchmarked to market
-
Ongoing bonus opportunities
4 weeks PTO, 4 months parental leave
-
4 weeks PTO
-
15 company holidays
-
4 months paid parental leave
Bonuses for performance and output
-
End-of-year performance bonuses
-
Continuing education, public presentations, and blog posts
-
Recruiting and referral bonuses
Learning stipend and R&D time
-
Continuing education stipend
-
Training sessions and learning courses
-
Internal R&D projects
Conferences and off-sites
-
Conferences and off-sites
-
Company and team outings
-
Virtual events
FSA, commuter, and fitness
-
ConnectYourCare FSA
-
Commuter benefits
-
Fitness stipends
Donation matching and relocation
-
Charitable donation matching
-
Relocation assistance
Remote-first by default
-
1Password subscription
-
Work-from-home stipend
-
Remote-friendly policies across the firm
Recognition
| Year | Award | Source |
|---|---|---|
| 2025 | Best Midsize Remote Places to Work | Built In |
| 2024 | Best Midsize Places to Work (NYC) | Built In NYC |
| 2023 | Top NYC Workplace | Energage / amNY |
| 2023 | Best Startup Places to Work (NYC) | Built In NYC |
| 2022 | Best Small Places to Work (NYC) | Built In NYC |
| 2021 | Best Places to Work (NYC) | Built In NYC |
Common Questions
- When can I expect to hear back?
- We review applications within 5 to 7 business days. If your background looks like a fit, a recruiter reaches out to schedule a preliminary screen.
- What is the interview process like?
- Four stages: a 30-minute preliminary screen, a 60-minute technical screen, a take-home assessment benchmarked to about two hours, and a 90-minute to 2-hour final panel with the team you would join.
- What should I expect in a technical assessment?
- Engineering roles get a code challenge focused on finding and analyzing security vulnerabilities. Other roles get a scenario relevant to the position, like a sourcing strategy or a launch plan. If you already have a strong work sample, we are happy to accept it instead.
- Do you offer remote work options?
- Yes. All roles are remote-friendly and we work across multiple time zones. Some positions list a primary city for tax or in-person reasons, but day-to-day work is remote.
- What are the working hours?
- Flexible, with enough overlap across time zones for teams to collaborate. Core hours are set per role and team, and we discuss them during the interview.
- What kinds of engineering projects will I work on?
- Novel security analysis tools, smart contract audits, binary analysis, AI/ML security evaluations, cryptographic protocol analysis, open-source contributions, and security research you publish. The exact mix depends on the team you join.
- What growth opportunities are there?
- Internal knowledge sharing, conference speaking, security training, blog writing, and an annual learning and development stipend. Many engineers move between teams as their interests evolve.
- Where do I direct other questions?
- Email [email protected] and our recruiting team will get back to you.
Talent pipeline
Don't see your role?
We keep an open application for roles we have not posted yet. If your background is unusual or strong, send it our way and we will route you to the right team. Or email [email protected].
