Full-Time

Offensive Security Engineer

Device

Posted on 1/24/2025

Worldcoin

Worldcoin

201-500 employees

Provides digital identity for global economy

Fintech
Crypto & Web3
Financial Services

Compensation Overview

$280k - $320kAnnually

+ Long-term incentive package + Variable compensation

Senior

San Francisco, CA, USA

The job requires in-office presence in downtown San Francisco.

Category
Cybersecurity
IT & Security
Required Skills
Kali Linux

You match the following Worldcoin's candidate preferences

Employers are more likely to interview you if you match these preferences:

Degree
Experience
Requirements
  • 5+ years of experience in offensive security roles, such as penetration testing, vulnerability research, or red teaming, with a focus on embedded systems or devices.
  • Strong understanding of hardware security concepts, including secure boot, JTAG/SWD, on-device tamper detection and response, and SoC architectures.
  • Experience with reverse engineering tools such as IDA Pro, Ghidra, or Radare2, and debugging tools like GDB or common offensive security tools (e.g., Metasploit, Burp Suite, Kali Linux, or custom tooling).
  • Expertise in Linux security, including secure configurations, kernel hardening, and system monitoring tools, OP-TEE, Android security frameworks.
  • In-depth knowledge of secure coding practices, cryptographic principles, and attack mitigation strategies.
  • Proven track record of identifying and exploiting vulnerabilities in embedded systems, firmware, or IoT devices.
Responsibilities
  • Perform vulnerability assessments, penetration testing, or red team exercises to evaluate the security of devices and systems.
  • Simulate advanced attacks against hardware, firmware, and software to identify weaknesses and areas of improvement.
  • Develop proof-of-concept exploits to demonstrate the impact of discovered vulnerabilities.
  • Collaborate with engineering teams to review designs, code, and system configurations for potential security flaws, then provide actionable recommendations to mitigate risks and improve security defenses.
  • Manage 3rd party security auditing exercises or bug bounty program
  • Research emerging threats, techniques, and tools to ensure our device security capabilities remain at the cutting edge.
Desired Qualifications
  • Experience with hardware hacking techniques, such as PCB analysis, chip-off attacks, or side-channel attacks

Worldcoin provides a digital identity and financial network aimed at giving everyone access to the global economy, regardless of their location or economic status. Its main product is the Worldcoin wallet, which works with the World ID to enable users to make transactions on the Worldcoin network. The technology is based on an open-source protocol, allowing the community of developers and technologists to modify and improve it. This community is supported by the Worldcoin Foundation, which helps it grow until it can sustain itself. Unlike many competitors, Worldcoin focuses on universal access and operates globally, targeting individuals who want to engage in the economy through a digital identity. The company's goal is to democratize economic participation in an increasingly digital world.

Company Stage

Seed

Total Funding

$145.9M

Headquarters

San Francisco, California

Founded

2019

Growth & Insights
Headcount

6 month growth

-2%

1 year growth

1%

2 year growth

-1%
Simplify Jobs

Simplify's Take

What believers are saying

  • Worldcoin's expansion into emerging markets shows growing demand for digital identity solutions.
  • Partnership with Dune Analytics enhances transparency, potentially increasing user trust.
  • Continuous funding program by Worldcoin Foundation may inspire innovation and adoption.

What critics are saying

  • Worldcoin faces regulatory scrutiny in Germany over GDPR non-compliance.
  • Fines in South Korea highlight risks in regions with strict data protection laws.
  • Privacy concerns in Latin America could lead to legal challenges and impact trust.

What makes Worldcoin unique

  • Worldcoin offers a privacy-focused network with secure digital asset management.
  • The World App allows users to store World ID and manage digital assets securely.
  • Worldcoin operates on an open-source protocol, fostering a global developer community.

Help us improve and share your feedback! Did you find this helpful?

Benefits

Health, dental, & vision insurance for you & dependents

401(k) plan

Flexible work hours

Unlimited time off

Parental leave

Daily catered lunch and dinner upon return to office

Home office set up stipend

INACTIVE