Volunteer Software Security & Cryptography Engineer

Volunteer Software Security & Cryptography Engineer

Responsibilities

• Architect and implement the end-to-end encryption (E2EE) layer for our messaging features using the Signal Protocol (or similar Double Ratchet implementations) within a React and Firebase environment.
• Manage complex client-side cryptographic state, including secure key generation, key storage (using IndexedDB/Web Crypto API), and multi-device session synchronization.
• Collaborate with the frontend team to integrate secure identity verification (fingerprints/safety numbers) without compromising the user experience for community sports organizers.
• Conduct security-focused code reviews to ensure no cryptographic material is accidentally exposed to the server or logging systems.

Preferred Requirements

• Strong proficiency in JavaScript and React.
• Tangible experience implementing End-to-End Encryption (E2EE) logic (familiarity with libsignal-protocol, OMEMO, or raw Web Crypto API is highly preferred).
• Deep understanding of cryptographic primitives, specifically Public Key Infrastructure (PKI), X3DH key agreement, and the Double Ratchet algorithm.
• Experience working with NoSQL/Firebase data modeling, specifically regarding how to store encrypted blobs and public key bundles efficiently.
• A passion for privacy and community collaboration tools.