Senior Application Security Engineer

Employer
Coinlist
Location
San Francisco, USA
Salary
Competitive
Posted
May 11, 2022
Closes
May 18, 2022
Ref
14860898
Job Function
Other
Industry Sector
Finance - General
Employment Type
Full Time
Education
Bachelors
CoinList is where the world's best crypto projects build their communities and early adopters can invest in and trade top-tier digital assets. Our mission is to accelerate the advancement of blockchain technology, by finding the best emerging blockchain projects and helping them succeed. CoinList has become the global leader in new token issuance, helping blue chip projects like Solana, Filecoin, Celo, Dapper Labs, and others raise over $800 million and connect them with hundreds of thousands of new token holders. And we now support the full lifecycle of crypto investment, from token sales through token distribution, trading, lending, and crypto-specific services such as staking and access to decentralized-finance opportunities. CoinList users trade and store Bitcoin, Ether, and many other popular crypto assets through CoinList.co , CoinList Pro (our full-service exchange), and mobile apps, while also getting exclusive access to the best new tokens before they list on other exchanges.

Unlike other centralized crypto finance platforms, we're not here to just build a bank or a brokerage. We're building the platform for people who are passionate about moving crypto forward, and we're just getting started. Come join us and propel the future of crypto!

The Opportunity

This role is perfect for the security minded developer who has excelled in software engineering and is looking to build and enhance their application security specialization. This is a software engineering role with an application security specialization.

This role will have independence and ownership of critical security activities and will also have the guidance and mentorship of the CISO who has formerly led application security programs at major technology companies and also was a previous chairman of OWASP.

This role is a combination of directly shipping code to enhance security capabilities in our web applications and also driving developer security education and implementing security tooling for the betterment of application security.

Who you are:
  • You are an experienced software engineer - 5+ years software engineering experience including 2+ years of ruby experience
  • You've Shipped Code to Security Critical Systems - Prior software engineering experience focusing on security critical code such as authentication systems, payment systems, security bugs or similar
  • You Understand Common Software Security Risks - Understanding of web security risks and best practices such as OWASP top 10, secure software design, etc
  • You Are Knowledgeable on Cryptography - Working knowledge of encryption and hashing (symmetric, asymmetric cryptography, public/private cryptography, sha, etc)
  • You Worked with Security Testing Tools - Precious experience using web security testing tools such as web proxies and static, dynamic code testing software
  • You care about developer experience and velocity - You think about security approaches that enhance the speed of development, not detract
  • You are a good communicator - Ability to explain detailed security topics to other engineers that may not be experts in security
  • You prioritize highly technical items thinking about the bigger picture - Ability to work within the security team to prioritize application security gaps and build prioritized plans based on individual risk levels
  • You systematically tackle complex big tasks - Ability to execute on large projects, breaking down complex objectives into individual tasks and working with other stakeholders across engineering
What you will do:
  • Security Engineering - Identify, build and ship critical security controls in code
  • Security Training - Launch developer security training program and enhance with specific feedback from our own code base
  • Security Testing - Implement security analysis tools such as static or dynamic analysis testing
  • Security Partnerships - Collaborate with external security researchers and third party services to enhance our security offerings
As an early employee at CoinList, you will be a critical part of our core team and have a huge influence over the direction of the company. We will compensate you well, invest deeply in your development, and do everything we can to make sure this is the single best work experience of your life. At CoinList, we are proud to be an Equal Opportunity Employer. We celebrate diversity, value our differences, and are committed to creating an inclusive environment for all employees.

#LI-Remote

Similar jobs

Similar jobs

  • You need to sign in to save