Careers

Join the Least Authority team and contribute to our work.

Open Positions

How to Apply

Get in touch and send us any of the following at jobs [at] leastauthority.com:

  • Resume
  • Website link
  • Past work
  • Github link
  • Social media profile links (LinkedIn, Twitter, etc.)
  • Example work
  • Or even just a nice email about yourself

Working with Least Authority

How We Work
We are a remote-first and global organization. You can have options for where and when you work while staying in close, collaborative communication with the team. Our work is conducted in English; speaking German is not a requirement.

What We Do
Following our mission, our work involves areas from security auditing and supporting others to building products and collaborating within the Free and Open Source Software (FOSS) community. We provide consulting services and conduct security audits for software development projects. You can read some of our final reports here.

Another focus of our work is building products aimed at increasing the security of the data and systems, along with enhancing and preserving privacy. We also collaborate with human rights organizations and non-profit foundations to provide secure tools and privacy enhancing technologies for human rights defenders.

In addition, we support projects, programs, and other ventures that focus on increasing awareness of the importance of digital security and privacy in technology.

Learn more about our open source development and other privacy-related efforts for building distributed systems on our blog.

For more information about Least Authority and to meet the team, see About Us.

Job Descriptions

Project Coordinator– Website & Marketing

We are looking for a Project Coordinator to join our Website & Marketing Team.

The role involves working cross-functionally with colleagues across various projects to identify needs to improve our website, to communicate those with the Website Team, to ensure needs are converted into scheduled activities and assist with their completion.

This role is part-time initially, with an expectation that the ideal candidate will be able to spread work time throughout the week and with some overlap of hours across various timezones in the EU and US. Depending on the skills of the candidate, we may be able to support a full-time role that includes additional responsibilities.

The responsibilities for this role include:

  • Website Strategy: Working closely with the Web Editor, Web Developer, and the broader Website Team, the Website Coordinator will support the   establishment, tracking and execution of our website strategy.
  • Project coordination: Coordinating with individuals and teams across the company regarding website-specific operations. This includes: 
    • Setting website meetings and agendas;
    • Liaising with different teams on the company to recognize their needs and incorporate it in the planning; 
    • Participating in team marketing meetings to facilitate communication across the team; 
    • Identifying relevant issues and blockers when they arise; and 
    • Coordinating the resolution of issues. 
  • Process adherence: Making sure processes and infrastructure exist, and are followed by team members . Assisting the evaluation of process effectiveness by facilitating team reviews , and supporting improvement of them where necessary. 
  • Facilitate feedback: Setting up and facilitating feedback processes for our website, both internally and externally (focused on our target audience).

The ideal person for this role has some skills in the following areas:

  • Effective time management.
  • Strong collaboration and communication skills across a remote and global team.
  • Proactive and problem solving attitude.
  • Cultural awareness and ability to work in a diverse team.
  • Organization and the ability to maintain processes;
  • Distilling action items and taking initiative to complete tasks;
  • Detail oriented with the ability to meet deadlines;
  • Flexible, responsive, and comfortable to work in a respectful way with all colleagues ; especially when it comes to soliciting and incorporating team input.

Given the company’s work areas, experience in or interest in any of the following areas would be an asset to a candidate in this role:

  • Privacy Enhancing Tech and secure communications tools.
  • Distributed & decentralized technologies.
  • Open source technologies.
  • Purpose-driven business practices.
  • Privacy-first marketing and communication practices.
  • (Digital) Human Rights and Internet Freedom.
  • Blockchain, cryptocurrencies, Web3.
  • Information Security, Digital Security, Operational Security.

More information on how to apply.

Quality Assurance Specialist/Engineer for PrivateStorage

We’re looking for a Quality Assurance Specialist/Engineer to join our team working on PrivateStorage. PrivateStorage is an end-to-end encrypted secure storage product that aims to minimize the collection of any data related to its users. 

This position will lead the quality assurance process to ensure product quality and that customer requirements are understood and met. It involves working cross-functionally with various members of the team to clearly and efficiently communicate issues and feedback so it can be incorporated into the product development process.   

The responsibilities for this position include: 

  • Establishing processes, such as checklists or otherwise, for performing quality assurance across products that we develop;
  • Collaborating with developers and product owner to define acceptance criteria of features;
  • Ensuring that these processes are accessible and replicable for colleagues to participate in quality assurance;
  • Working with developers on the team to ensure release-specific needs are incorporated in the quality assurance of the release; 
  • Performing quality assurance testing on desktop, mobile and web-based tools;
  • Producing automated tests (aka “UI / integration tests”) for desktop, mobile and web-based tools;
  • Supporting colleagues in performing QA reviews;
  • Writing up detailed tickets based on (replicable) findings from the QA review;
  • Collaborate with product owners and developers when evaluating the relative importance/severity of reported issues and other tasks relating to issue-triage and prioritization;
  • Writing up review summaries and recommend whether releases are ready for public release; and
  • Collaborate on user research to gain insight for product design and roadmap.

The ideal person for this role has skills and/or interest in some of the following areas:

  • Experience performing quality assurance for technical products;
  • Participating as quality assurance within the full software development life cycle is preferred;
  • Experience with some or all of the following languages and tools: Python, Haskell, Nix, Rust, and the Qt toolkit;
  • Interest in helping with documenting feedback from users for consideration by developers and product manager;
  • Interest and experience with data storage and networking;
  • Interest and experience in Privacy Enhancing Tech, secure communications tools, security best practices, threat modeling, and network security;
  • Excellent interpersonal and communication skills for working with a distributed team;
  • Distributed and decentralized technologies (e.g. collaborating online via Git, asynchronous chat and other similar tools); and
  • Open source software and development practices.

Least Authority is a remote-first and global organization, so location and working hours are flexible. The role can be part- to full-time, depending on skills and interests.

An example of what a week in the life of a Quality Assurance Specialist at PrivateStorage might look like:

Monday:

  • Join our full-team sync and then run through a QA checklist on a new release of the client. Collaborate with client developers to understand issues discovered during the QA process and ensure the whole team understands any problems found.

Tuesday: 

  • Join iteration planning and make a case for spending resources fixing issues uncovered by QA. Join the whole-LeastAuthority-team sync and then do more exploratory (ie, off-script) QA work on the client software.

Wednesday:

  • Catch up with the infrastructure team about recent and upcoming changes deployed on the service’s backend. Develop QA processes for existing and new infrastructure functionality.

Thursday:

  • Run through a QA checklist on the backend infrastructure and join a whole-LeastAuthority-team presentation session. Build automation to reduce the manual effort required for the various QA checklists

Friday: 

  • Design new QA processes to catch recently reported regressions and collaborate with the team to document acceptance criteria to help developers avoid creating such problems in the future. Collaborate with developers to design new testing practices to catch bugs before they get working on QA reviews.

More information on how to apply.

Tech Lead, Zero-Knowledge Access Passes (ZKAPs) Service

This position will be part-time and based wherever you are – we are a remote-first company with our HQ in Berlin.

We are looking for a Tech Lead to help us design and build a service offering the use of Zero Knowledge Access Passes (ZKAPs), a cryptographic authorization protocol, to other organizations. 

The need for ZKAPs arose out of our development of PrivateStorage, a privacy-preserving file storage service. ZKAPs allow us to unlink individual actions from individual actors within a system (i.e. data about who signs up for a service and how they use that service), with the help of zero-knowledge proof technology. 

We are excited about the many possibilities for the use of ZKAPs to help protect user privacy in others’ services, especially services that utilize a subscription-business model. Join us to create a new privacy-preserving service that demonstrates and enables the value of ZKAPs beyond their initial implementation and facilitates their use by other organizations and services.  

To learn more about ZKAPs, you can read our ZKAPs whitepaper

The responsibilities for this position include:

  • Lead the full software development life cycle of the creation of a ZKAPs Service;
  • Help to evaluate and identify the most feasible way to develop and deliver ZKAPs to a range of organizations and services; 
  • Integrate the existing Rust and either Python or Haskell software into a library and service that can be integrated into clients’ applications; and 
  • Work cross-functionally with other contributors building, designing, marketing, selling, and supporting it.

The ideal person for this role has some skills in the following areas:

  • Experience serving as the technical lead throughout the full software development life cycle is preferred
  • Interest and/or experience in leading the product design and development from a technical perspective;
  • Interest and experience in Privacy-Enhancing Tech, secure communications tools, security best practices, threat modeling, and network security;
  • Knowledge of professional software engineering and best practices for the full software development life cycle, including code reviews, testing, technical operations and continuous delivery; and
  • Excellent interpersonal and communication skills for working with a distributed team.

The ideal person for this role has interest in some or all of the following areas:

  • Applied and advanced cryptography, like zero-knowledge proofs
  • Haskell and Rust programming languages; 
  • Distributed and decentralized technologies;
  • Open source software and development practices.

Learn more about product development at Least Authority.

More information on how to apply.

Smart Contracts Security Researcher & Engineer (Multiple Ecosystems and Languages)

This position can be project-based, part-time or full-time based on your interests and our needs.

We’re looking for a Smart Contracts Security Researcher & Engineer to join our team. You can be a security researcher, software engineer, computer scientist, or mathematician who is interested in doing smart contract security research and analysis. Experience or interest in learning smart contract languages, including, but not limited to, Solidity, Michelson, Ligo, SmartPy, and Clarity is required.

This position will work with our Security Consulting team on smart contract projects for a variety of ecosystems, including, but not limited to, Ethereum, Tezos, Stacks, and Cosmos. The role involves analyzing designs, specifications and codebases, along with documenting findings, providing recommendations, and communicating with consulting clients. Research will use the latest security best practices, knowledge of advancements in related fields, and previous experience / findings.

Training
We will provide cross-language training to applicants familiar with the smart contracts and / or Decentralized Finance (DeFi) concepts and qualified in at least one smart contracts language.

We are also seeking qualified candidates who are interested in conducting internal knowledge sharing and training about the security of smart contracts.

The ideal person for this role has some skills in the following areas:

  • Distributed & decentralized technologies
  • Smart contract systems and DeFi concepts and applications
  • Blockchain, cryptocurrency and Web 3.0 systems
  • Open source software and development practices
  • Security research and knowledge sharing to advance best practices
  • Adversarial scenarios, attack vectors and threat modeling
  • Privacy Enhancing Tech and secure communications tools
  • A deep understanding of least one smart contract coding language, with a drive to learn additional ones, such as: Solidity, Michaelson, Ligo, SmartPy, Clarity

Learn more about our security consulting work by browsing our published reports.

More information on how to apply.

Security / Cryptography Researcher & Engineer

This position can be project-based, part-time or full-time based on your interests and our needs.

We’re looking for a Security or Cryptography Researcher & Engineer to join our team. You could be a software engineer, computer scientist, or mathematician who is interested in doing security research and engineering for advanced applied cryptography, especially with distributed systems. This position will work with our Security Consulting team on projects ranging from blockchain protocols to data management to zero-knowledge proofs. It involves analyzing designs, specifications and codebases, along with documenting findings, providing recommendations, and communicating with consulting clients. Research will use the latest security best practices, knowledge of advancements in related fields and previous experience / findings.

The ideal person for this role has interest in some of the following areas:

  • Distributed & decentralized technologies
  • Applied & advanced cryptography, like Zero-Knowledge Proofs
  • Blockchain, cryptocurrency and Web 3.0 systems
  • Open source software and development practices
  • Security research and knowledge sharing to advance best practices
  • Adversarial scenarios, attack vectors and threat modeling
  • Privacy Enhancing Tech and secure communications tools
  • A deep understanding of at least one coding language, with a drive to learn additional ones, including but not limited to: Go, Rust, Haskell, Solidity, Michelson, C++

Learn more about our security consulting work by browsing our published reports.

More information on how to apply.

General Applications

If you think you’d make a great addition to our team, you are welcome to introduce yourself to us for future consideration.

More information on how to apply.