Application Security Engineer

About Our Company

BitGo is a leading infrastructure provider of digital asset solutions, specializing in custody, wallets, staking, trading, financing, and settlement services. Since its establishment in 2013, BitGo has been dedicated to empowering clients to navigate the digital asset space securely. With a global reach and multiple Trust companies, BitGo caters to thousands of institutions and millions of retail investors worldwide, including top industry brands, exchanges, and platforms. BitGo plays a pivotal role in handling a significant portion of Bitcoin network transactions and is recognized as the largest independent digital asset custodian and staking provider globally.

Job Summary

We are seeking a versatile Application Security Engineer to join our team and help enhance the application security practices at BitGo. This role offers an exciting opportunity for you to proactively prevent and detect vulnerabilities, making a significant impact. Emphasizing quality, automation, and efficiency, you will collaborate with the local team during regular business hours, potentially requiring evening meetings as required.

Primary Responsibilities

• Develop automated security testing to validate the use of secure coding best practices
• Create and deliver secure development training
• Participate in application security reviews and threat modeling, including secure code review and dynamic testing
• Manage application security vulnerabilities
• Support the bug bounty program
• Assist with preparing secure releases
• Provide guidance to engineering teams regarding application security best practices
• Lead security projects from concept through to implementation
• Enhance the security program using the NIST CSF framework
• Contribute to any relevant incident response activities

Required Skills & Experience

We seek team players who embody our values of open communication, transparency, ownership, and craftsmanship, aligning with our mission to establish trust in digital assets.

Required:

• Minimum 5 years of experience in application security
• 1-2 years of software development experience
• Knowledge of common security libraries, controls, and flaws
• Proficiency with OWASP, static/dynamic analysis, and security tools
• Basic grasp of network and web-related protocols
• Experience with vulnerability management lifecycle
• Familiarity with cloud security controls and best practices
• Ability to work effectively with developers
• Strong professional communication skills, both written and verbal
• Preference for familiarity with programming languages used at BitGo (TypeScript, Go, Python, Java, Kotlin)

Why Choose BitGo?

Disrupting the industry requires vision, innovation, passion, technical expertise, drive, collaboration, and execution. Join our team of dedicated individuals who exemplify our values and aim for excellence. Be part of a team that aims to transform the world's financial markets.

Benefits of Working at BitGo:

• Competitive salary
• IT equipment support
• Meal and commute allowance
• Medical insurance
• Well-being allowance for medical, wellness, and fitness aspects
• Complimentary snacks at the office
• Opportunities for learning and growth alongside a talented workforce

Please Note: This role involves onsite work at the Bangalore office from Monday to Friday. Expanding the boundaries of financial services, particularly with cryptocurrencies, requires a forward-thinking mindset. Come join us and be part of the team that revolutionizes finance.