Quarkslab is a high-end cybersecurity company, highly skilled in vulnerability research and design of security solutions for a tailored level of defense.
QUARKSLAB’S SOFTWARE
softwares
Malware are growing faster than one software can analyze: combine all detections together.
softwares
Code & Data obfuscation to protect everywhere.
QUARKSLAB’S SERVICES
Defensive security
  • Security developments: crypto, protocols, fuzzers, patch system for outdated programs.
  • Cryptography design.
  • On-demand R&D: anti-root, disassembler, custom probes for IRMA.
Offensive security
  • Vulnerability, patch and exploit analysis
  • Cryptography and DRM pentesting
  • Software assessment
Training
  • Reverse engineering
  • Vulnerability research
  • iOS & Android pentesting
We provide tailored services for profound technical issues to leverage your data protection.
QUARKSLAB’S corporate DATA
CONFIDENTIALITY
As we work in sensitive environments we do
not disclose our clients’ references.
Realizations
> Multiple CVEs reported to Apple, Adobe, Microsoft, Siemens, Samsung, etc.
> Regular speakers in international conferences
eg. HITB, Hack.lu, CSW, PacSec, SSTIC.
> Capacity to assess software security certified by ANSSI.
> Open assessment of the Chatsecure application.
full-time employees
mainly security
researchers and developers.
thesis in progress
PhDs
Careers
We have several open positions:
The company

Quarkslab is building new tools to analyze what is going on with the security of computer systems, from a new multi-platform dynamic binary instrumentation tool (https://github.com/quarkslab/QBDI) to a symbolic execution framework like Triton (http://triton.quarkslab.com) and several other advanced software security tools. As code bases grow faster and faster in size and complexity, new simple yet powerful toolsneed to be designed to help security practitioners and researchers in their daily work.

System audits and vulnerability research must be taken to a new stage and we are working towards that goal.

Founded 6 years ago, Quarkslab is working internationally since its origins. Whereas we are based in Paris (France), we are now opening offices in Japan and Argentina.


How to apply

Send a resume to the email address provided in the job description.

Explain in your message the relevant projects (links to published code is better!) you have been working on to demonstrate you fit the position and why you are applying. Make it personal, we are interested in people motivated to be involved in taking Quarkslab to a new stage.

We will reply with a small challenge to give us the opportunity to discuss both what we are building, and how you can bring your own experience in that.



DevOps engineer based in Paris
Description

Quarkslab, a high-end cybersecurity company founded 5 years ago, is looking for a devops engineer with advanced sysadmin skills to reinforce his team.


Key responsabilities
  • You will contribute to the devops part of our products by improving automation, deployment scalability and CI/CD process.
  • You will be in charge of the administration, the information system, and the machines used by projects hosted internally and externally.
  • You will prepare and perform production step, optimize performances, and ensure availability of the information system

Profile
  • Team player, autonomy
  • Curiosity and ability to summarize
  • Ability to communicate clearly with other employees
  • Appetite for a geek work environment

Mandatory skills
  • Linux environment (Debian/Ubuntu)
  • Git
  • Development in Python
  • Conitnuous integration (Jenkins, Gitlab)
  • Automation (one of Ansible, Chef, Puppet)
  • Virtualization (vagrant, libvirt, vSphere, …)
  • Networks (VLAN, routing, firewall, …)
  • Enterprise services (DNS, LDAP, DHCP, …)
  • Technical English (you will have to interact with non French-speaking people)

Appreciated skills
  • Network configuration (switches, routers, wifi access point)
  • Knowledge in security

Experience
  • Engineering/Master degree in computer science. A few years of experience (professional or personal projects) is a plus.

Information
  • Job is full-time employment (FTE) based in Paris (France), remote can be considered depending on the profile.
  • Contact: job-adminsys(AT)quarkslab.com


Compiler engineer
Description

It has been four years since Quarkslab has launched the development of the Epona LLVM bytecode obfuscator (https://epona.quarkslab.com). In order to expand the Epona team, Quarkslab is looking for a compiler engineer, motivated by research and development on a stable and yet still evolving compiler project based on LLVM.

Part of the team presented this work at the 2017 LLVM developer meeting (https://www.youtube.com/watch?v=d72Snpxx4Co).

Quarkslab is based in Paris, but most of the compilation team is working remotely around Lyon. Working remotely is thus possible :)


Profile

You are :

  • Team player
  • Autonomous
  • Curious
  • Able to analyze and synthesize
  • Able to communicate with peers, share your findings and thoughts

Required skills
  • Previous experience as a developer within a compilation infrastructure
  • Demonstrated and solid C++ background
  • Ability to summarize in precise brief descriptions of software technical issues

Appreciated skills
  • Experience in reverse engineering and software protection
  • General knowledge and interest in the information security field
  • Practical knowledge in program analysis or programming language design and implementation
  • Fluency in English (written and spoken)

Non-exhaustive list of daily tasks
  • Develop new transformations based on the LLVM framework (and obviously test them :))
  • Generate your own and review other's code
  • Test, fix, document, deploy software
  • Review and discuss implementations, architecture and features with other team members, and get inspiration from reverse-engineers
  • Help taking a new idea and making it concrete!
  • Bring fresh blood with new ideas :)

Unofficial description

Are you looking for something really different? Tired of optimizing, fine tuning your compiler to rip the best performance of the hardware? We are building our own compiler!

Don't miss this opportunity to inject your small touch of madness and make it live and grow within user code! But be aware that you will also be responsible for testing, debugging and deploying your crazyness into a multi-os, multi-arch environment!


Coding challenge

To assess your compiler skills, and challenge your creativity, we're proposing a small test: guard a single basic block by an opaque predicate that is always true, but not trivially true. That's a very basic obfuscation, you should be able to deal with it in less than an hour. A solution in LLVM would be appreciated, but any compiler infrasturure (and input language) is a valid option. In C, that would be as simple as turning:

            
  stuf();
            
          

into:

            
  if(1 /* find something better*/)
    stuff();
            
          

Please submit your solution alongside your CV if you're applying for the job!

  • Job is full-time employment (FTE) based in Paris (France) or in remote
  • Contact: job-epona(AT)quarkslab.com