Are you passionate about securing cutting-edge applications in the fast-paced world of cryptocurrency? Want to work with a talented team, enhancing security and protecting valuable assets in a growing digital landscape?
If so, we’d love to have you on board!
As an Application Security Engineer, you’ll be responsible for ensuring the safety and security of our crypto-related applications, working closely with cross-functional teams to develop and implement best practices in application security.
Responsibilities:
-
Collaborate with development and DevOps teams to address security issues in the software development lifecycle.
-
Conduct security architectural reviews, set security requirements, and ensure new features meet security standards.
-
Create and update security policies, standards, and procedures related to secure development.
-
Identify and mitigate risks associated with application infrastructure, implementing effective security measures.
-
Research and improve methods for detecting security threats in the cryptocurrency industry, proposing strategies to counteract them.
-
Design DevSecOps solutions, onboard and configure AppSec tools (DAST, SAST).
-
Participate in Patch and Vulnerability Management processes, assessing security vulnerabilities in applications and infrastructure.
-
Develop security practices for designing secure APIs.
-
Stay updated on modern approaches to securing crypto-asset applications.
Requirements:
-
A degree in a relevant field, such as Information Security or Computer Science.
-
2+ years of experience in Application Security.
-
Proficiency in reading and understanding Bash, Python, and Go code, with the ability to identify security flaws.
-
Knowledge of common security vulnerabilities and protection methods.
-
Hands-on experience with security tools (SAST, DAST, SIEM, WAF, Anti-DDoS, Vulnerability Management).
-
Familiarity with security standards and frameworks (NIST, MITRE, ISO 27k, PCI-DSS, OWASP ASVS, OWASP Top 10, OWASP SAMM).
-
Understanding of containerization and orchestration security (Docker, K8s).
-
Technical knowledge of Blockchain and cryptography, as well as best practices in securing corporate information systems (Zero Trust, 2FA/MFA, Principle of Least Privilege).
-
Proficiency in technical English, for understanding documentation and communicating with international standards.
Nice-to-Have:
-
Experience with API security testing.
-
Understanding of SSDLC and DevSecOps processes.
-
Relevant certifications (BSCP, OSWE, OSCP).
-
Active profile on security learning platforms (e.g., HackTheBox).
-
Participation in CTF competitions.
What We Offer:
-
Fully remote position — work from anywhere!
-
28 days of paid vacation and fully paid sick leave.
-
Competitive salary in USDT.
-
Opportunity to work in a fast-growing and innovative cryptocurrency company