Careers

Join the Least Authority team and contribute to our work.

Open Positions

How to Apply

Get in touch and send us any of the following at jobs [at] leastauthority.com:

  • Resume
  • Website link
  • Past work
  • Github link
  • Social media profile links (LinkedIn, Twitter, etc.)
  • Example work
  • Or even just a nice email about yourself

Working with Least Authority

How We Work
We are a remote-first and global organization. You can have options for where and when you work while staying in close, collaborative communication with the team. Our work is conducted in English; speaking German is not a requirement.

What We Do
Following our mission, our work involves areas from security auditing and supporting others to building products and collaborating within the Free and Open Source Software (FOSS) community. We provide consulting services and conduct security audits for software development projects. You can read some of our final reports here.

Another focus of our work is building products aimed at increasing the security of the data and systems, along with enhancing and preserving privacy. We also collaborate with human rights organizations and non-profit foundations to provide secure tools and privacy enhancing technologies for human rights defenders.

In addition, we support projects, programs, and other ventures that focus on increasing awareness of the importance of digital security and privacy in technology.

Learn more about our open source development and other privacy-related efforts for building distributed systems on our blog.

For more information about Least Authority and to meet the team, see About Us.

Job Descriptions

Senior Smart Contracts Research & Engineer (Multiple Languages)

We’re looking for a Senior Smart Contracts Security Researcher & Engineer to join our team. 

Experience with one or more smart contract languages, including, but not limited to, Solidity, Michelson, Ligo, SmartPy, and Clarity is required, along with familiarity with latest security best practices and knowledge of advancements in related fields

This position is to perform security research, analysis and engineering  on smart contract projects for our clients, such as analyzing designs, specifications and codebases, along with documenting findings, providing recommendations, and communicating with consulting clients. We work with a variety of ecosystems, including, but not limited to, Ethereum, Tezos, Stacks, and Cosmos. 

About Least Authority

Least Authority is committed to building and supporting the development of usable technology solutions and ethical business practices to advance digital security and preserve privacy as a fundamental human right.

As part of our business, we provide security consulting services to help others make their solutions more secure. We support teams from the design phase through the production launch and after through a variety of security consulting services.

Additionally, we develop usable products that advance digital security and protect the privacy of users and contribute to various communities to promote the use of secure systems and privacy-protecting technology.

Why join Least Authority?

  • We are a remote first company,  headquartered in Berlin;
  • Our team provides flexible working arrangements;
  • We offer continuous learning  opportunities; 
  • We operate based on ethical business practices;
  • We are a mission-driven company;
  • We value Diversity & Inclusion; and
  • We can legally employ our team members from remote and support with relocation to Germany.

The responsibilities for this position include:

  • Conduct research on software and related technology to look for security issues, with a focus on critical vulnerabilities as known through industry best practices;
  • Analyze technical designs documentation and specifications for potential security issues, vulnerabilities and other flaws;
  • Perform manual code reviews and investigate for potential security issues in code repositories and codebases, along with related code comments, tests and dependencies;
  • Analyze and propose potential mitigation and remediation strategies for security issues found;
  • Communicate with team members specific security issues and general findings found during research activities;
  • Design new approaches to security issues in code and systems;
  • Develop potential solutions, including but not limited to producing documentation, code and other helpful artifacts; 
  • Engineer systems, tools and products, to help with the security of data in transit and at rest, including privacy enhancing technologies; 
  • Develop preventative approaches to help avoid security issues; 
  • Actively participate in project report preparation activities;
  • Provide these research and engineering activities for both consulting engagements and internal projects;
  • Work cross-functionally to meet project deadlines and goals;
  • Participate in team efforts, including meetings, to facilitate collaboration towards shared project and Company goals;
  • Possess and share knowledge as it relates to current security best practices and industry advancements; and 
  • Anything else as mutually agreed.

The  requirements for this position are the following.

  •  2+ years working with one or more smart contract languages, including, but not limited to, Solidity, Michelson, Ligo, SmartPy, and Clarity; and
  • Familiarity with and interest in the latest security best practices and knowledge of advancements in related fields. 

The ideal person for this role has some skills in the following areas:

  • Distributed & decentralized technologies
  • Smart contract systems and DeFi concepts and applications
  • Blockchain, cryptocurrency and Web 3.0 systems
  • Open source software and development practices
  • Security research and knowledge sharing to advance best practices
  • Adversarial scenarios, attack vectors and threat modeling
  • Privacy Enhancing Tech and secure communications tools
  • A deep understanding of least one smart contract coding language, with a drive to learn additional ones, such as: Solidity, Michaelson, Ligo, SmartPy, Clarity

Least Authority is an equal opportunity employer. We encourage people from all backgrounds to apply. We are committed to ensuring that our technology is made available and accessible to everyone. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law.

Technical Recruiter

We are looking for a Technical Recruiter to join our team to help us grow by expanding our existing recruitment operations. The Technical Recruiter will assist the team with building internal expertise and capacity around the technical recruitment effort to optimize our technical hiring process and attract the right candidates for our team.

About Least Authority
Least Authority is committed to building and supporting the development of usable technology solutions and ethical business practices to advance digital security and preserve privacy as a fundamental human right.

As part of our business, we provide security consulting services to help others make their solutions more secure. We support teams from the design phase through the production launch and after through a variety of security consulting services.

Additionally, we develop usable products that advance digital security and protect the privacy of users and contribute to various communities to promote the use of secure systems and privacy-protecting technology.

Why join Least Authority?

  • We are a remote first company,  headquartered in Berlin;
  • Our team provides flexible working arrangements;
  • We offer continuous learning  opportunities; 
  • We operate based on ethical business practices;
  • We are a mission-driven company;
  • We value Diversity & Inclusion; and
  • We can legally employ our team members from remote and support with relocation to Germany.

The responsibilities for this position include:

Working closely with the CEO, the People Operations (HR & Talent), along with the Security Consulting and product development teams to:

  • Optimize and expand the existing technical talent sourcing approach; 
  • Explore, develop and execute different technical recruitment approaches in line with industry standards; 
  • Establish relationships across industry-relevant communities to drive talent to our openings;
  • Review, write and optimize our technical job ads to make them relevant to the industry standards;
  • Review the recruitment process and identify areas of improvement;
  • Contribute to the company recruitment strategy conversations to help achieve the technical team growth plan;
  • Identify and engage with relevant and strategic job boards, communities, platforms and hiring partners for the promotion of our openings;
  • Review inbound applications to determine the technical qualifications of candidates;
  • Create and facilitate the completion of technical assessments and application scoring methods;
  • Monitor markets and trends to incorporate learnings from industry observations;
  • Assist with building an internal and external referral system; and
  • Support the further technical development of the  hiring process (interview structure and questions, interview evaluation system, technical assessments methods, etc.).

Helpful skills and attributes for this role include:

  • Works well with a team;
  • Previous experience with technical recruitment roles or similar positions;
  • Eager to learn and motivated to achieve team goals;
  • Organization and the ability to maintain processes;
  • Distilling action items and taking initiative to complete tasks;
  • Ability to focus on the details, but also understand the bigger picture;
  • Detail oriented with the ability to meet deadlines;
  • Excellent interpersonal and communication skills;
  • Self-driven attitude, but also an ability to work collaboratively with others teams and to take into account existing processes; and
  • Flexible, responsive, and comfortable in a fast-paced work environment.

Preferred but not required:

  • Familiarity with or interest in the Web3, Security and Blockchain industry or curiosity to learn more
  • Previous experience in remote or globally distributed teams

The ideal person for this role has interest in some or all of the following areas:

  • Distributed & decentralized technologies;
  • Applied & advanced cryptography, like Zero-Knowledge Proofs;
  • Blockchain, cryptocurrency and Web 3.0 systems;
  • Open source software and development practices;
  • Security best practices and threat modeling; and
  • Privacy Enhancing Technologies and secure communications tools.

We encourage you to apply if you are interested in working with us, even if you aren’t certain you meet the needs outlined in a specific job description. We are flexible and sometimes we can modify our positions or work with you to identify other potential positions on our team.

Least Authority is an equal opportunity employer. We encourage people from all backgrounds to apply. We are committed to ensuring that our technology is made available and accessible to everyone. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law.

Resource Manager, Security Consulting

Purpose:

The Resource Manager will work cross-team in coordination with the CEO, the Security Consulting and People Operations teams to collaboratively lead the resource management efforts – including the monitoring and coordination of team members’ availability, skills, project-related schedules, the matchmaking and assignment of security researchers for the security consulting projects.
Additionally, the Resource Manager will support the Business Development team by acting as a liaison between the proposal development process and project delivery planning, by communicating availability of the team members for new projects.

The responsibilities for the role include:

  • Work with the CEO and the Security Consulting Services team to plan and manage the personnel resources assigned to consulting projects in accordance with business priorities;
  • Plan and schedule appropriate workloads with security researchers to ensure coordination of client work with personal schedules and special projects;
  • Assess and monitor the skills and interests of the team members available for security consulting projects, including identifying needs for training existing team members and hiring new ones;
  • Monitor project requests from clients and leads to assess in-demand skills and identify needs for training and hiring;
  • Assist the project managers with communicating about upcoming projects, planning and coordinating internal availability and starting project specific teams of security researchers assigned to upcoming projects;
  • Manage conflicts of time requirements for team members, communicate capacity and coordinate availability with and  to other areas and projects within the company;
  • Collaborate with the Business Development team to make strategic assessments of internal capacity, team availability and matching interests in relation to the  acquisition of new projects and clients;
  • Document and iterate on processes to improve how internal capacity and availability of team members are managed and work is performed efficiently;
  • Work closely with the People Operations team in the hiring process of security researchers and other team members, considering the hiring needs and priorities; and
  • Act as a liaison between the People Operations team and the Project Managers to provide ongoing support to security consulting team members.

The requirements for this position are:

  • Demonstrated prior experience with resource management or equivalent roles, including but not limited to capacity planning, availability management, personnel coordination, learning and development (focus on skill assessment and resource planning), project management with focus on people and resource management, etc.
  • Strong communication and collaboration skills with the ability to interact effectively in a dynamic work environment.
  • Collaborative attitude with the ability to quickly understand business needs and priorities, to respond to and  plan the work responsibilities accordingly.
  • Ability to pay close attention to detail but continuously accounting for the broader context within the area of responsibility.
  • Self-driven and proactive attitude and the ability to react with flexibility to a high-rhythmic work environment.
  • Strong organizational skills and the ability to navigate multiple resource planning requirements and scenarios.
  • Comfortable with working in a team.

Preferred but not required

  • Familiarity with or interest in the Web3, Security and Blockchain industry or curiosity to learn more
  • Previous experience in remote or globally distributed teams

Customer Support Lead or Manager - PrivateStorage

We are looking for a Customer Support Lead for our PrivateStorage product. This position involves setting up customer support processes and providing initial support for customers of our upcoming product. In addition to responding to support tickets, it involves creating and maintaining user/customer documentation, including FAQs, reporting on the types of support requests received, gathering feedback, and providing analysis of interactions to inform development improvements. We are looking for someone who can establish and build the customer support processes within our team.

The responsibilities of this role include:

  • Develop and implement customer support policies, procedures and standards to create an efficient customer service process and enhance customer satisfaction;
  • Manage the day-to-day functions of the customer support area;
  • Intake, evaluate and prioritize all incoming customers’ issues; 
  • Respond to customer queries in a timely, professional and accurate way, through various channels;
  • Guide the investigation process and ensure all customers’ issues are seen through to resolution;
  • Assist with responding to customer complaints on social media and reach out to provide assistance;
  • Keep accurate records and document customer service actions and discussions;
  • Determine customer support success metrics and report to the team on the status, along with opportunities for overall improvement;
  • Review current help options and suggest improvements to the product and supporting information to help customers to effectively use the product and specific features;
  • Identify significant underlying issues and patterns of customer issues to identify customer needs; 
  • Analyze and report product malfunctions (for example, by testing different scenarios or impersonating users) and collaborate with the QA team to ensure bugs are reported and addressed;
  • Update the team with information about technical issues and useful discussions with customers;
  • Share feature requests and report on effective workarounds utilized by customers, and collaborate with team members on developing solutions;
  • Keep ahead of industry’s developments and apply best practices to areas of improvement;
  • Maintain an orderly workflow according to priorities; and
  • Assist with hiring and training additional Customer Support Representatives when needed.

Helpful skills and attributes for this role include:

  • Customer service or help desk experience;
  • Experience using help desk software and remote support tools;
  • Maintaining a positive, empathetic, and professional attitude toward customers at all times;
  • Excellent interpersonal and communication skills;
  • Analytical and problem solving skills;
  • Multitasking and organizational skills;
  • Flexible, responsive, and comfortable in a fast-paced work environment; and
  • Able to work with global team members across various time zones.

The ideal person for this role has interest in some or all of the following areas:

  • Open source software development, applications and communities;
  • Security research and knowledge sharing;
  • Privacy Enhancing Tech and Internet Freedom; and 
  • Usability of tools and user feedback.

This is a full-time position.

More information on how to apply.

Technical Product Manager - PrivateStorage

We are looking for a Technical Product Manager to join our team. This position will lead the full software development life cycle for our PrivateStorage product, incorporating user feedback/research balanced with business and technical goals. It involves working cross-functionally with various members of the team to plan and release new versions of the product.   

The responsibilities of this role include:

  • Collaborate with management to develop the product vision and communicate with team members to ensure shared understanding for effective cooperation;
  • Plan, execute and manage the product roadmap to achieve the product vision;
  • Lead product development efforts from end to end: 
    • Create tickets, user stories, and well-defined acceptance criteria;
    • Create success criteria for testing and product acceptance;
    • Guide developers with clear direction and purpose, keeping a well-prioritized backlog and optimizing for efficiency in execution;
    • Validate and demo product releases to ensure all requirements are met;
  • Suggest workable solutions to development teams with consideration for product-market fit, positioning, and other market requirements;
  • Assist with defining and evaluate key metrics to optimize performance;
  • Implement staged launch of product;
  • Realize and tackle risk, develop contingency plans for common risks;
  • Seek ongoing insights from data, research, and market research;
  • Coordinate product releases with marketing, including feature release communications and technical documentation;
  • Collaborate with other team members to perform market research to identify and prioritize product opportunities; and 
  • Answer questions related to the product and its capabilities.

Helpful skills and attributes for this role include:

  • Knowledge of professional software engineering and best practices for the full software development life cycle, including code reviews, build processes, testing, and operations;
  • Experience serving as a technical product lead throughout the full software development life cycle is preferred;
  • Interest and/or experience in leading the product design and development from a technical perspective;
  • Excellent interpersonal and communication skills for working with a distributed team, including developers, engineers, Q.A., and operations;
  • At least one programming language – ideally Haskell, Rust, or Python;
  • Problem-solver with positive attitude to working through roadblocks;
  • Experience working with project management software; and
  • Experience working within a software development methodology like Agile.

The ideal person for this role has interest in some or all of the following areas:

  • Privacy Enhancing Tech, secure communications tools, security best practices, threat modeling, and network security;
  • Distributed and decentralized technologies;
  • Open source software and development practices;

This is a full-time position.

More information on how to apply.

DevOps/Site Reliability Engineer

Join our team as a DevOps/Site Reliability Engineer to support our development of file transfer and secure cloud storage services. In this role, you will implement DevOps processes, and improve engineering and operations processes in our globally distributed teams.

Responsibilities 

  • Provide cloud infrastructure for product development teams:
    • Lead the maintenance of strong infrastructure security;
    • Lead ongoing infrastructure architecture improvements; and
    • Participate in efforts to find and implement infrastructure optimizations.
  • Support the operation of software developed in-house:
    • Lead CI/CD efforts, including initial and ongoing implementation;
    • Lead implementation and use of monitoring systems including instrumentation of in-house software; and
    • Collaborate with all teams on DevOps practices.
  • Engage with the software development teams to foster mutual growth:
    • Contribute to process improvements to lower the cost of and increase the value of the development teams; and
    • Participate in design and code review for in-house software development.

Preferred Skills

We don’t expect any applicant to fulfill all of the below and encourage you to apply if you meet some of them. 

  • Background in DevOps engineering (Linux), preferably with experience in NixOS, as well as Terraform, Ansible and Docker 
  • Solid experience with distributed systems
  • Experience with open source software 
  • Experience with distributed tracing 
  • Ability to debug and analyze problems quickly
  • Maintains a clear overview of tasks, blockers, and relevant documentation for how issues are addressed: High on communication, low on tech debt
  • Experience working with remote teams with a communicative and inclusive work approach

Learn more about product development at Least Authority.

More information on how to apply.

Tech Lead, Zero-Knowledge Access Passes (ZKAPs) Service

This position will be part-time and based wherever you are – we are a remote-first company with our HQ in Berlin.

We are looking for a Tech Lead to help us design and build a service offering the use of Zero Knowledge Access Passes (ZKAPs), a cryptographic authorization protocol, to other organizations. 

The need for ZKAPs arose out of our development of PrivateStorage, a privacy-preserving file storage service. ZKAPs allow us to unlink individual actions from individual actors within a system (i.e. data about who signs up for a service and how they use that service), with the help of zero-knowledge proof technology. 

We are excited about the many possibilities for the use of ZKAPs to help protect user privacy in others’ services, especially services that utilize a subscription-business model. Join us to create a new privacy-preserving service that demonstrates and enables the value of ZKAPs beyond their initial implementation and facilitates their use by other organizations and services.  

To learn more about ZKAPs, you can read our ZKAPs whitepaper

The responsibilities for this position include:

  • Lead the full software development life cycle of the creation of a ZKAPs Service;
  • Help to evaluate and identify the most feasible way to develop and deliver ZKAPs to a range of organizations and services; 
  • Integrate the existing Rust and either Python or Haskell software into a library and service that can be integrated into clients’ applications; and 
  • Work cross-functionally with other contributors building, designing, marketing, selling, and supporting it.

The ideal person for this role has some skills in the following areas:

  • Experience serving as the technical lead throughout the full software development life cycle is preferred
  • Interest and/or experience in leading the product design and development from a technical perspective;
  • Interest and experience in Privacy-Enhancing Tech, secure communications tools, security best practices, threat modeling, and network security;
  • Knowledge of professional software engineering and best practices for the full software development life cycle, including code reviews, testing, technical operations and continuous delivery; and
  • Excellent interpersonal and communication skills for working with a distributed team.

The ideal person for this role has interest in some or all of the following areas:

  • Applied and advanced cryptography, like zero-knowledge proofs
  • Haskell and Rust programming languages; 
  • Distributed and decentralized technologies;
  • Open source software and development practices.

Learn more about product development at Least Authority.

More information on how to apply.

Smart Contracts Security Researcher & Engineer (Multiple Ecosystems and Languages)

This position can be project-based, part-time or full-time based on your interests and our needs.

We’re looking for a Smart Contracts Security Researcher & Engineer to join our team. You can be a security researcher, software engineer, computer scientist, or mathematician who is interested in doing smart contract security research and analysis. Experience or interest in learning smart contract languages, including, but not limited to, Solidity, Michelson, Ligo, SmartPy, and Clarity is required.

This position will work with our Security Consulting team on smart contract projects for a variety of ecosystems, including, but not limited to, Ethereum, Tezos, Stacks, and Cosmos. The role involves analyzing designs, specifications and codebases, along with documenting findings, providing recommendations, and communicating with consulting clients. Research will use the latest security best practices, knowledge of advancements in related fields, and previous experience / findings.

Training
We will provide cross-language training to applicants familiar with the smart contracts and / or Decentralized Finance (DeFi) concepts and qualified in at least one smart contracts language.

We are also seeking qualified candidates who are interested in conducting internal knowledge sharing and training about the security of smart contracts.

The ideal person for this role has some skills in the following areas:

  • Distributed & decentralized technologies
  • Smart contract systems and DeFi concepts and applications
  • Blockchain, cryptocurrency and Web 3.0 systems
  • Open source software and development practices
  • Security research and knowledge sharing to advance best practices
  • Adversarial scenarios, attack vectors and threat modeling
  • Privacy Enhancing Tech and secure communications tools
  • A deep understanding of least one smart contract coding language, with a drive to learn additional ones, such as: Solidity, Michaelson, Ligo, SmartPy, Clarity

Learn more about our security consulting work by browsing our published reports.

More information on how to apply.

Security / Cryptography Researcher & Engineer

This position can be project-based, part-time or full-time based on your interests and our needs.

We’re looking for a Security or Cryptography Researcher & Engineer to join our team. You could be a software engineer, computer scientist, or mathematician who is interested in doing security research and engineering for advanced applied cryptography, especially with distributed systems. This position will work with our Security Consulting team on projects ranging from blockchain protocols to data management to zero-knowledge proofs. It involves analyzing designs, specifications and codebases, along with documenting findings, providing recommendations, and communicating with consulting clients. Research will use the latest security best practices, knowledge of advancements in related fields and previous experience / findings.

The ideal person for this role has interest in some of the following areas:

  • Distributed & decentralized technologies
  • Applied & advanced cryptography, like Zero-Knowledge Proofs
  • Blockchain, cryptocurrency and Web 3.0 systems
  • Open source software and development practices
  • Security research and knowledge sharing to advance best practices
  • Adversarial scenarios, attack vectors and threat modeling
  • Privacy Enhancing Tech and secure communications tools
  • A deep understanding of at least one coding language, with a drive to learn additional ones, including but not limited to: Go, Rust, Haskell, Solidity, Michelson, C++

Learn more about our security consulting work by browsing our published reports.

More information on how to apply.

General Applications

If you think you’d make a great addition to our team, you are welcome to introduce yourself to us for future consideration.

More information on how to apply.