Application Security Engineer

Job Overview:

Our company is on a mission to enable enterprises and developers globally to leverage decentralized systems. We have a diverse team with expertise in Ethereum and Starknet protocol engineering, decentralized finance, security auditing, and more. Collaborating with prominent organizations in the industry, we operate with a 350+ remote team across various countries.

**Role

We are in search of an experienced Application Security Engineer to fortify the security of our applications. The ideal candidate will play a pivotal role in embedding security practices into the software development lifecycle (SDLC) and thwarting potential vulnerabilities effectively.

Key Responsibilities:

• Conduct detailed vulnerability assessments on web applications, identifying, replicating, and resolving security gaps.
• Fine-tune identified vulnerabilities to address false positives/negatives.
• Implement and uphold secure coding practices while working closely with remote development teams.
• Carry out security-focused code reviews and contribute to threat modeling endeavors.
• Lead the implementation and maintenance of automated security testing tools.
• Organize red-team exercises to assess and improve security protocols.
• Stay informed about the latest security trends, threats, and technologies.
• Mentor junior security team members and provide guidance as needed.
• Engage in early-stage design and planning discussions to ensure security aspects are accounted for.

Requirements:

• Minimum 5 years of application security experience.
• Proficiency in web application security and familiarity with OWASP Top 10 vulnerabilities.
• Experience with security tools and best practices in cloud environments, particularly AWS and GCP.
• Understanding of SAST, DAST, Software Composition Analysis practices.
• Knowledge of container security technologies like Docker or Kubernetes.
• Proficiency in network and web-related protocols (TCP/IP, UDP, HTTP, HTTPS).
• Familiarity with security standards and compliance frameworks such as SOC2, ISO 27001, or NIST.
• Excellent communication skills, both written and verbal.
• Strong problem-solving capabilities and analytical skills.
• Ability to work autonomously and manage tasks effectively.
• Proficient in English for clear and concise communication.
• Motivated with excellent time management skills suitable for remote work.
• Strong organizational skills and proactive approach to challenges.

Preferred Skills:

• General understanding of blockchain ecosystem and Ethereum network, smart contract auditing.
• Development or scripting experience in languages like JavaScript, TypeScript, Python, Go.
• Experience in secure implementation of authentication and authorization systems.
• Knowledge of penetration testing techniques, including Living Off The Land.
• Familiarity with threat modeling frameworks like STRIDE and PASTA.

If you are passionate about cutting-edge initiatives and aspire to work with a dynamic team committed to upholding top-tier security standards, this role offers an opportunity to drive secure applications and support the blockchain community as a whole.

Please note that by applying, you consent to the processing of your personal data by the Company for recruitment purposes, adhering to UK GDPR regulations. Refer to our privacy policy for further information. Withdrawal of consent is possible at any time. For queries, contact legalnotices@nethermind.

Stay updated on our latest developments by following us on social channels:

• Twitter
• Discord
• LinkedIn

View our Privacy Policy here.