Careers

Join the Least Authority team and contribute to our work.

Open Positions

How to Apply

Get in touch and send us any of the following at jobs [at] leastauthority.com:

  • Resume
  • Website link
  • Past work
  • Github link
  • Social media profile links (LinkedIn, Twitter, etc.)
  • Example work
  • Or even just a nice email about yourself

Working with Least Authority

How We Work
We are a remote-first and global organization. You can have options for where and when you work while staying in close, collaborative communication with the team. Our work is conducted in English; speaking German is not a requirement.

What We Do
Following our mission, our work involves areas from security auditing and supporting others to building products and collaborating within the Free and Open Source Software (FOSS) community. We provide consulting services and conduct security audits for software development projects. You can read some of our final reports here.

Another focus of our work is building products aimed at increasing the security of the data and systems, along with enhancing and preserving privacy. We also collaborate with human rights organizations and non-profit foundations to provide secure tools and privacy enhancing technologies for human rights defenders.

In addition, we support projects, programs, and other ventures that focus on increasing awareness of the importance of digital security and privacy in technology.

Learn more about our open source development and other privacy-related efforts for building distributed systems on our blog.

For more information about Least Authority and to meet the team, see About Us.

Job Descriptions

Tech Lead, Zero-Knowledge Access Passes (ZKAPs) Service

This position will be part-time and based wherever you are – we are a remote-first company with our HQ in Berlin.

We are looking for a Tech Lead to help us design and build a service offering the use of Zero Knowledge Access Passes (ZKAPs), a cryptographic authorization protocol, to other organizations. 

The need for ZKAPs arose out of our development of PrivateStorage, a privacy-preserving file storage service. ZKAPs allow us to unlink individual actions from individual actors within a system (i.e. data about who signs up for a service and how they use that service), with the help of zero-knowledge proof technology. 

We are excited about the many possibilities for the use of ZKAPs to help protect user privacy in others’ services, especially services that utilize a subscription-business model. Join us to create a new privacy-preserving service that demonstrates and enables the value of ZKAPs beyond their initial implementation and facilitates their use by other organizations and services.  

To learn more about ZKAPs, you can read our ZKAPs whitepaper

The responsibilities for this position include:

  • Lead the full software development life cycle of the creation of a ZKAPs Service;
  • Help to evaluate and identify the most feasible way to develop and deliver ZKAPs to a range of organizations and services; 
  • Integrate the existing Rust and either Python or Haskell software into a library and service that can be integrated into clients’ applications; and 
  • Work cross-functionally with other contributors building, designing, marketing, selling, and supporting it.

The ideal person for this role has some skills in the following areas:

  • Experience serving as the technical lead throughout the full software development life cycle is preferred
  • Interest and/or experience in leading the product design and development from a technical perspective;
  • Interest and experience in Privacy-Enhancing Tech, secure communications tools, security best practices, threat modeling, and network security;
  • Knowledge of professional software engineering and best practices for the full software development life cycle, including code reviews, testing, technical operations and continuous delivery; and
  • Excellent interpersonal and communication skills for working with a distributed team.

The ideal person for this role has interest in some or all of the following areas:

  • Applied and advanced cryptography, like zero-knowledge proofs
  • Haskell and Rust programming languages; 
  • Distributed and decentralized technologies;
  • Open source software and development practices.

Learn more about product development at Least Authority.

More information on how to apply.

Project Manager - Security Consulting

This position can be part-time or full-time based on your interests and our needs for your individual skill set.

We are looking for a Project Manager to help us with the effective management of our security consulting projects. This role provides key support to our security consulting team and our clients by delivering quality and value with our work.

The responsibilities for this position include:

  • Participation in full planning to delivery for security consulting projects;
  • Scope management: help in defining and confirming scope, project requirements sharing, and identifying the need for scope changes;
  • Management of multiple ongoing consulting projects in various phases;
  • Assistance with client leads, building client relationships and team planning;
  • Participation in and helping to lead the onboarding of new team members; 
  • Scheduling and facilitating meetings and client-to-team / team-to-team communication;
  • Activity, task and schedule management;
  • Project set up activities;
  • Assistance with the creation, writing, and completion of consulting project reports, including audit reports;
  • Client communication and relationship management;
  • Identifying, communicating, escalating, and mitigating project risks;
  • Working effectively and collaboratively with a variety of team members, including the director, project management and support team, and the security research team;
  • Continuous maintenance, improvement, and upkeep of security audit related processes.

The ideal person for this role has some skills in the following areas:

  • Works well with a team;
  • Eager to learn and motivated to achieve team goals;
  • Organization and the ability to maintain processes;
  • Distilling action items and taking initiative to complete tasks;
  • Detail oriented with the ability to meet deadlines;
  • Excellent interpersonal and client communication skills; 
  • Flexible, responsive, and comfortable in a fast-paced work environment; and
  • Able to work with and coordinate across global teams members and clients across various time zones;

The ideal person for this role has interest in some or all of the following areas:

  • Distributed & decentralized technologies;
  • Applied & advanced cryptography, like Zero-Knowledge Proofs;
  • Blockchain, cryptocurrency and Web 3.0 systems;
  • Open source software and development practices;
  • Security best practices and threat modeling; and
  • Privacy Enhancing Tech and secure communications tools.

Learn more about our security consulting work by browsing our published reports.

More information on how to apply.

Smart Contracts Security Researcher & Engineer (Multiple Ecosystems and Languages)

This position can be project-based, part-time or full-time based on your interests and our needs.

We’re looking for a Smart Contracts Security Researcher & Engineer to join our team. You can be a security researcher, software engineer, computer scientist, or mathematician who is interested in doing smart contract security research and analysis. Experience or interest in learning smart contract languages, including, but not limited to, Solidity, Michelson, Ligo, SmartPy, and Clarity is required.

This position will work with our Security Consulting team on smart contract projects for a variety of ecosystems, including, but not limited to, Ethereum, Tezos, Stacks, and Cosmos. The role involves analyzing designs, specifications and codebases, along with documenting findings, providing recommendations, and communicating with consulting clients. Research will use the latest security best practices, knowledge of advancements in related fields, and previous experience / findings.

Training
We will provide cross-language training to applicants familiar with the smart contracts and / or Decentralized Finance (DeFi) concepts and qualified in at least one smart contracts language.

We are also seeking qualified candidates who are interested in conducting internal knowledge sharing and training about the security of smart contracts.

The ideal person for this role has some skills in the following areas:

  • Distributed & decentralized technologies
  • Smart contract systems and DeFi concepts and applications
  • Blockchain, cryptocurrency and Web 3.0 systems
  • Open source software and development practices
  • Security research and knowledge sharing to advance best practices
  • Adversarial scenarios, attack vectors and threat modeling
  • Privacy Enhancing Tech and secure communications tools
  • A deep understanding of least one smart contract coding language, with a drive to learn additional ones, such as: Solidity, Michaelson, Ligo, SmartPy, Clarity

Learn more about our security consulting work by browsing our published reports.

More information on how to apply.

Security / Cryptography Researcher & Engineer

This position can be project-based, part-time or full-time based on your interests and our needs.

We’re looking for a Security or Cryptography Researcher & Engineer to join our team. You could be a software engineer, computer scientist, or mathematician who is interested in doing security research and engineering for advanced applied cryptography, especially with distributed systems. This position will work with our Security Consulting team on projects ranging from blockchain protocols to data management to zero-knowledge proofs. It involves analyzing designs, specifications and codebases, along with documenting findings, providing recommendations, and communicating with consulting clients. Research will use the latest security best practices, knowledge of advancements in related fields and previous experience / findings.

The ideal person for this role has interest in some of the following areas:

  • Distributed & decentralized technologies
  • Applied & advanced cryptography, like Zero-Knowledge Proofs
  • Blockchain, cryptocurrency and Web 3.0 systems
  • Open source software and development practices
  • Security research and knowledge sharing to advance best practices
  • Adversarial scenarios, attack vectors and threat modeling
  • Privacy Enhancing Tech and secure communications tools
  • A deep understanding of at least one coding language, with a drive to learn additional ones, including but not limited to: Go, Rust, Haskell, Solidity, Michelson, C++

Learn more about our security consulting work by browsing our published reports.

More information on how to apply.

General Applications

If you think you’d make a great addition to our team, you are welcome to introduce yourself to us for future consideration.

More information on how to apply.