Remote Application Security Engineer - Crypto

Description:

• Career Renew is recruiting for an Application Security Engineer - Crypto for a fully remote role, requiring candidates to be based in the EU/UK.
• The position involves joining a team of experts to build leading blockchain wallet infrastructure for the next financial era.
• As an Application Security Engineer, you will report to the CISO and lead application security efforts.
• The role requires identifying and mitigating risks, addressing vulnerabilities, and protecting client data.
• You will assess security risks, detect threats, and implement mitigation strategies while ensuring compliance with security policies.
• Advanced knowledge of API security, web-based vulnerabilities, penetration testing, and defense-in-depth strategies is essential.
• The ideal candidate should be passionate about security, finance, and blockchain, with broad expertise and a proactive approach to safeguarding systems and sensitive data.
• This role offers the opportunity to make a significant impact on the company's security posture in a fast-paced environment.
• Your goal will be to protect the software while building security features on time.

Responsibilities

• Contribute to the team’s vision for building secure and reliable products, setting roadmap priorities, and meeting deadlines with high-quality outcomes.
• Introduce innovative solutions to address application security challenges.
• Conduct security reviews, including code reviews, design reviews, and dynamic testing.
• Implement security and cryptography solutions.
• Identify design flaws and logical vulnerabilities.
• Develop and maintain a threat modeling framework.
• Guide software engineers on security best practices.
• Manage application security vulnerabilities.
• Support the bug bounty program and prepare security releases.
• Develop automated security tests to ensure secure coding practices.
• Assist in penetration testing and collaborate with external penetration testing firms.
• Oversee the Secure Software Development Lifecycle (SSDLC).
• Design, research, and execute attacks to improve defensive strategies.
• Publish blog posts and present at security conferences on discovered vulnerabilities.
• Stay abreast of developments in crypto and blockchain to guide strategic goals.

Requirements:

• You must have 8+ years of experience as a Security Engineer or in a similar role.
• You should have 2+ years of experience in crypto, specifically working on blockchains.
• A noteworthy educational background is required, excluding executive certifications from a year ago.
• Familiarity with securing APIs and smart contracts is essential.
• You should be familiar with security libraries, controls, and common vulnerabilities.

Benefits:

• The salary for this position ranges from €120,000 to €160,000 per year under a full-time work contract.
• You will receive equity in the form of 300-600 stock options (i.e., 0.1-0.2%) vested over 4 years.
• The position is fully remote, with optional access to an office in France or the EU.
• You will be provided with a MacBook Pro and other essential work equipment.