Careers
Top Benefits and Exceptional Culture
We solve some of the hardest security problems in the industry — from securing AI systems and blockchains to auditing the cryptography and infrastructure that millions of people rely on every day.
Our culture rewards curiosity, deep technical work, and visible public output. Engineers ship open-source tools, present at conferences, publish research, and learn from one of the most concentrated benches of security expertise anywhere in the field.
Careers at a glance
Open roles
9
Currently hiring across assurance, research, and operations.
US remote
100%
Distributed team with overlapping core hours.
Application review
5–7 days
Business days from submission to first response.
PTO
4 weeks
Plus 15 company holidays and 4 months parental leave.
Open Positions
View All| Title | Location | Apply |
|---|---|---|
| Assurance · 4 | ||
| Engineering Director, Application Security | US Apply | Apply |
| Security Engineer, Application Security | US Apply | Apply |
| Security Engineer, Blockchain | US Apply | Apply |
| Senior Security Engineer, Agentic AI | US Apply | Apply |
| Research & Engineering · 1 | ||
| Security Engineer, Research & Engineering | US Apply | Apply |
| Operations · 1 | ||
| AI Systems Engineer | New York, NY Apply | Apply |
| Go-To-Market · 2 | ||
| Project Manager, Client Services | US Apply | Apply |
| Technical Marketing Manager, AppSec, Research and AI Security | US Apply | Apply |
Open application
Apply to our Talent Pipeline
For strong candidates whose role isn't posted yet.
8 open roles · Sourced from apply.workable.com/trailofbits
Hiring Process
Four stages
From application to offer in about three weeks.
Every candidate sees the same four stages. Each one is scoped to the role and weighted toward demonstrating real work rather than rehearsed answers.
-
Preliminary Screen
30 minA conversation with a Sr. Technical Recruiter about the role, your background, and what you're looking for next. No technical questions yet.
-
Technical Screening
60 minA discussion with an engineer or hiring manager on your area of expertise. Expect role-specific technical questions and a chance to ask your own.
-
Technical Assessment
3–7 daysA take-home exercise. Engineering roles work through a code challenge identifying and analyzing security vulnerabilities. Other roles get a scenario relevant to the position — a sourcing strategy, launch plan, or similar.
-
Final Panel Interview
90 min – 2 hrMeet several members of the team you'd join. The conversation covers the assessment, prior work, collaboration style, and how you'd fit into the team's day-to-day.
All interviews conducted on Google Meet. Application review takes 5–7 business days. Accommodations available on request.
Benefits
Premium Insurance & Wellness
-
Health insurance with no monthly premiums
-
Vision, dental, life, and disability coverage
-
Kindbody — gynecology and fertility care
-
HealthAdvocate, Teladoc, and OneMedical access
Top-Tier Compensation
-
401(k) with 5% company match
-
Competitive salaries benchmarked to market
-
Ongoing bonus opportunities
Generous Time Off
-
4 weeks PTO
-
15 company holidays
-
4 months paid parental leave
Multiple Bonus Opportunities
-
End-of-year performance bonuses
-
Continuing education, public presentations, and blog posts
-
Recruiting and referral bonuses
Professional Development
-
Continuing education stipend
-
Training sessions and learning courses
-
Internal R&D projects
Company Events
-
Conferences and off-sites
-
Company and team outings
-
Virtual events
Ancillary Benefits
-
ConnectYourCare FSA
-
Commuter benefits
-
Fitness stipends
Caring Perks
-
Charitable donation matching
-
Relocation assistance
Remote Work
-
1Password subscription
-
Work-from-home stipend
-
Remote-friendly policies across the firm
Recognition
| Year | Award | Source |
|---|---|---|
| 2025 | Best Midsize Remote Places to Work | Built In |
| 2024 | Best Midsize Places to Work (NYC) | Built In NYC |
| 2023 | Top NYC Workplace | Energage / amNY |
| 2023 | Best Startup Places to Work (NYC) | Built In NYC |
| 2022 | Best Small Places to Work (NYC) | Built In NYC |
| 2021 | Best Places to Work (NYC) | Built In NYC |
Common Questions
- When can I expect to hear back?
- Our team reviews applications within 5–7 business days. If your background looks like a fit, a recruiter will reach out to schedule a preliminary screen.
- What is the interview process like?
- Four stages: a 30-minute preliminary screen, a 60-minute technical screen, a 3–7 day take-home assessment, and a 90-minute to 2-hour final panel with the team you'd join.
- What should I expect in a technical assessment?
- Engineering roles work through a code challenge identifying and analyzing security vulnerabilities. Other roles complete a scenario relevant to the position — a sourcing strategy, a launch plan, or a similar applied exercise.
- Do you offer remote work options?
- Yes. All roles are remote-friendly and we operate across multiple time zones. Some positions list a primary city for tax or in-person purposes, but day-to-day work is remote.
- What are the working hours?
- Flexible, with sufficient overlap across time zones so teams can collaborate. Core hours are discussed during the interview and depend on the role and team.
- What kinds of engineering projects will I work on?
- Novel security analysis tools, smart contract audits, binary analysis, AI/ML security evaluations, cryptographic protocol analysis, open-source contributions, and security research publication. The exact mix depends on the team you join.
- What growth opportunities are there?
- Internal knowledge sharing, conference speaking, cybersecurity training, blog writing, and an annual learning and development stipend. Many engineers move between teams as their interests evolve.
- Where do I direct other questions?
- Email [email protected] and our recruiting team will respond.
Talent pipeline
Don't see what you're looking for?
We keep an open application for roles that aren't posted yet. If your background is unusual or strong, send us your details and we'll route you to the right team. Or email [email protected].