Cryptography Engineer

Position- Cryptography Engineer

Location : Dallas, TX else Remote is also fine

Job description:

Job Summary

We are seeking an experienced and highly skilled Senior Software Security Engineer to join our core protection team. In this role, you will be responsible for designing, building, and maintaining our next-generation white-box cryptography solutions. You will develop a sophisticated tool that transforms standard cryptographic algorithms into key-obfuscated, tamper-resistant code designed to run securely in untrusted environments. This is a critical role for protecting our company's most valuable digital assets and intellectual property at the application level.

Key Responsibilities

Design & Develop: Lead the architecture and development of our White-Box Crypto Generator tool, which takes cryptographic algorithm specifications (e.g., AES C files) and secret keys as input.

Implement Cryptography: Implement and transform symmetric-key cryptographic primitives into white-box implementations. This involves deep manipulation of algorithmic steps like S-Boxes, MixColumns, and key scheduling.

Table Generation & Obfuscation: Develop the core logic for generating large, randomized lookup tables and applying internal linear and non-linear bijections to obscure data flow and intermediate values.

Compiler Integration: Integrate the generator with advanced compiler toolchains, specifically using LLVM/Clang and obfuscation frameworks like Hikari, to create a hardened, multi-layered final library (.so, .dll, .a).

Security Research: Stay at the forefront of software protection by researching the latest academic and public attacks against white-box cryptography (e.g., Differential Computation Analysis - DCA, algebraic attacks) and designing countermeasures.

Testing & Validation: Create and implement robust testing frameworks to validate the correctness, performance, and, most importantly, the security of the generated white-box libraries against known attack vectors.

Collaboration: Work closely with application development teams (e.g., mobile, desktop) to ensure the successful integration and deployment of the white-box crypto library.

Required Qualifications (Must-Haves)

Bachelor's degree in Computer Science, Computer Engineering, or a related technical field.

5+ years of professional software development experience, with a strong focus on systems-level programming.

Expertise in C/C++: Demonstrated ability to write clean, efficient, and low-level code.

Deep Knowledge of Cryptography: A firm theoretical and practical understanding of symmetric-key cryptography, particularly the internal workings of AES (Rijndael). You should be able to explain the purpose of each step in an AES round.

Software Security Fundamentals: Solid experience in software reverse engineering (Ghidra, IDA Pro), binary analysis, and debugging (GDB). You must be able to think like an attacker.

Proficiency with scripting languages like Python for tooling and automation.

Preferred Qualifications (Nice-to-Haves)

Master's or Ph.D. in a field related to Cryptography, Compiler Technology, or Computer Security.

Direct experience with compiler internals (LLVM, Clang, GCC), including writing compiler passes or plugins.

Proven experience with code obfuscation techniques and tools (Obfuscator-LLVM, Hikari, etc.).

Prior experience in developing or analyzing white-box cryptography implementations.

Familiarity with x86 and/or ARM assembly language.

Experience with securing applications on mobile platforms (Android/iOS) where white-box solutions are commonly deployed.

Published research or conference presentations in relevant security fields (DEF CON, Black Hat, etc.).