Application Security Engineer

About The Role

We’re looking for a highly skilled and motivated DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness. The ideal candidate will have a strong software development background, SDLC security principles, and threat modeling for application-based features.

What You'll Do

• Design, develop, and implement secure software development and deployment pipelines, incorporating security best practices, automation, and continuous integration/continuous deployment (CI/CD) methodologies.
• Collaborate with development, operations, and security teams to identify and prioritize security vulnerabilities/issues and requirements and integrate security controls into the development lifecycle.
• Perform vulnerability assessments and security code reviews to identify and address security vulnerabilities and risks.
• Implement and manage security tools and technologies such as SCA, SAST, IaC Security, etc.
• Develop and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry best practices.
• Stay updated with the latest security trends, vulnerabilities, and threat intelligence to proactively identify emerging risks and recommend security enhancements.
• Collaborate with cross-functional teams to conduct security awareness training and promote a culture of security within the organization.
• Evaluate blockchain protocol repositories for in-depth security and resiliency analysis reporting.
• Use market data analysis to identify risk vectors for various crypto assets.
• Understand complex protocol governance structures to prepare concise reporting for executive consumption and decision-making.
• Analyze crypto asset data across various sectors to provide recommendations for the organization based on variable risk tolerances and use cases.
• Take part in various tasks related to custody operations.

What You'll Bring

• 5+ years in DevSecOps or a similar role
• Bachelor’s degree or equivalent experience
• Proven experience in software development, DevSecOps, or a related role
• Strong knowledge of software development methodologies, tools, and frameworks
• In-depth understanding of security principles, best practices, and industry standards (e.g., OWASP, NIST, ISO 27001)
• Experience with DevOps and CI/CD practices, including GitLab/GitHub and ArgoCD tools
• Familiarity with cloud platforms (e.g., AWS, Azure, GCP, and associated security controls
• Proficiency in scripting and programming languages (e.g., Python, NodeJS, C)
• Strong problem-solving and analytical skills, with the ability to identify and mitigate security risks
• Excellent communication and collaboration skills, with the ability to work effectively in cross-functional teams
• Relevant certifications (e.g., Certified Ethical Hacker (CEH), Certified Information
• Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP)) are a plus
• Understanding technical documents and blockchain protocols
• Strong analytical skills
  
  

Nice-To-Have

• Bachelor’s degree in Computer Science, Information Security, or a related field
• Crypto enthusiasm