Responsibilities

• Own and run Application Security tools and processes. This includes:
• SAST/DAST/SCA scanners
• Secure code reviews
• Threat-modeling
• Penetration testing APIs/web/mobile apps
• Bug-bounty program
• Secure SDLC
• Innovate and build tools that automate the detection of security issues and processes.
• Write security libraries and harden existing internal libraries for developers consumption.
• Build standards and guides and deliver training for developers to write secure code.
• Be a trusted security advisor to engineering teams.

Qualifications

• 3+ years of hands-on experience in Application Security.
• Be an expert in security basics and penetration testing of webAPIs, web and mobile applications.
• Experience in conducting secure code reviews.
• Interest and knowledge to code using Go/Python/NodeJS.
• Passion for automation and an eye for details.
• Skills to solve problems with effective communication and a sense of drive.
• OSCP/OSWE certification is a plus.
• Prior experience in blockchain-related stack is a plus.