Application Security Engineer

Join a team of experts to build the leading blockchain wallet infrastructure for the next financial era. As an Application Security Engineer you report to our CISO and lead application security efforts. Were looking for a seasoned security engineer to identify and mitigate risks address vulnerabilities and protect client data. You will assess security risks detect threats and implement mitigation strategies while ensuring compliance with security policies. Advanced knowledge of API security web based vulnerabilities penetration testing and defenseindepth strategies is essential. The ideal candidate is passionate about security finance and blockchain with broad expertise and a proactive approach to safeguarding systems and sensitive data. This role offers the opportunity to make a significant impact on our security posture in a fastpaced environment. Your goal: protect our software while building security features on time.

Preferred experience

Responsibilities

• Contribute to the teams vision for building secure and reliable products setting roadmap priorities and meeting deadlines with highquality outcomes.
• Introduce innovative solutions to address application security challenges.
• Conduct security reviews including code reviews design reviews and dynamic testing.
• Implement security and cryptography solutions.
• Identify design flaws and logical vulnerabilities.
• Develop and maintain a threat modelling framework.
• Guide software engineers on security best practices.
• Manage application security vulnerabilities.
• Support the bug bounty program and prepare security releases.
• Develop automated security tests to ensure secure coding practices.
• Assist in penetration testing and collaborate with external penetration testing firms.
• Oversee the Secure Software Development Lifecycle (SSDLC).
• Design research and execute attacks to improve defensive strategies.
• Publish blog posts and present at security conferences on discovered vulnerabilities.
• Stay abreast on developments in crypto and blockchain to guide strategic goals.

Requirements

• 8 years of experience as a Security Engineer or in a similar role.
• 2 years of experience in crypto working on blockchains.
• Bachelors degree or higher in computer science or similar field.
• Familiarity with securing APIs and smart contracts.
• Familiar with security libraries controls and common vulnerabilities.
• Ability to assess and prioritize threats based on potential impact.
• Strong understanding of supply chain attacks.
• Experience with penetration testing tools and methodologies.
• Familiarity with static and dynamic application security testing tools .
• Deep knowledge of network and web protocols.
• Expertise in secure networking implementation and applied cryptography.
• Experience with vulnerability management processes.
• Familiar with cloud security best practices.
• Ability to work collaboratively with development DevOps and product teams.
• Knowledge of industry standards like ISO 27001 NIST or CIS.
• Understanding of compliance requirements such as GDPR SOC 2 or PCI DSS.
• Handson experience with secure coding practices and secure software development lifecycle (SSDLC).
• Ability to effectively communicate complex security concepts to technical and nontechnical stakeholders.
• Experience with Typescript and Rust (or similar languages).
• Relevant certifications are a plus (e.g. CISSP CEH OSCP GWAPT).

Compensation & Package

• Salary:per year (fulltime work contract).
• Equity: 300600 stock options (i.e. 0.10.2%) vested over 4 years.
• Location: France or EU (fully remote with optional access to office)
• Equipment: MacBook Pro and other work essentials.

Interview Process

1 Hiring Manager Interview

• Intro call with CoCEO (30 min).

2 Behavioral Interview

• Personality and cognitive tests.

3 Technical Interview

• Interview with the CISO (30 mins)

4 Take Home Test

• Coding test in a language of your choice.

5 Group Interview

• Focus interview with hiring panel (90 min).

Followed by Reference calls and background checks.

Location

France or EU/UK (fully remote with optional access to office)