Test your Web3 knowledge and claim your ZK certifications @ the new useWeb3 Academy

Senior Application Security

  • 🏛️intropia
  • 💰$48,000 - $84,000/year
  • 🏷️
  • 🌐
  • 📅2 months ago


Manage and contribute to planning, coordination and successful completion of security engagements. We welcome everyone willing to become a part of a digital payments market where our company features as one of the market leaders.

We are an IT product crypto processing company, currently, we are developing a unique cryptocurrency ecosystem around our main service and payment provider.

We are a “Remote-first” company, most of our employees work remotely, which does not prevent us from maintaining and strengthening the team spirit, mutual support, and willingness to help.

We are passionate about crypto, tech, and product development quality. If these feel close to you - give us a shout!

Responsibilities • Manage and contribute to planning, coordination and successful completion of security engagements • Lead and coordinate Security Audits for on-going projects: (from Architecture, Process, Risk and Testing etc.) • Work as a Security Consultant helping to establish secure development activities in SDLC end-to-end, be able to provide clarifications related to security in development • Perform Application Security Trainings for Development Teams • Contribute to building Secure Architecture and Design for the projects • Communicate with teams, be able to convey the message about importance of Secure Software development Life Cycle, the ways of establishing it • Cooperate with all sub-teams: BAs, Developers, QAs; build consistent understanding of Security Requirements, main Threats, Mitigations implemented • Define security requirements • Define security tools and associated security checks • Define security test strategy • Create initial cybersecurity requirements and include in the Product Backlog • Review secure coding rules • Produce user documentation for cybersecurity features • Perform review of all security testing defects and address them to project team • Force fix of security defects • Conduct a Final Security Review (FSR) to ensure completion of all SDL elements

Requirements • At least 3 years of practical proven experience in penetration testing • 3+ years of professional experience in the field of Software Development • Ability to perform evaluation of application requirements, processes, technologies • Experience with different exploitation tools and frameworks (Metasploit, BeeF, sqlmap, etc) • Ability to resolve technical problems when required • Ability to develop custom scripts needed for specific assessment purposes (Python, bash, PowerShell) • Ability to develop scripts for automation security checks • Ability to explain assessment results to technical and non-technical personnel • Experience in security testing of Web Applications based on (GoLang, PHP) • Experience in security testing of Web Services (SOAP, RESTful) • Understanding of at least one Security Development methodologies (e.g. Microsoft SDL, OWASP OpenSAMM, BSIMM etc) • Understanding of main Security-related activities in development such as Security Requirements gathering, Risk Assessment, Threat Modeling, Security Code Review • Understanding of security threats, their classification • Understanding of most common implementations of the Threats (e.g. XSS, SQL Injection, XSRF, buffer overruns, brute force, rainbow tables, DoS etc.) and how they match the general classification • Understanding of main security concepts and principle

Nice to have: • Previous experience as software engineer, or knowledge of software development methodologies is desired, but not mandatory • Ability to develop, implement and guide security assessments’ process on the project • Experience in security testing of Mobile Applications (iOS, Android, Windows Mobile) • Familiarity with the tools for various security activities: Static Code Analysis, Pen Testing • Experience in security architecture and design reviews • Experience in threat modeling • Experience in SAST (static code analysis, manual code reviews)

Why Should You Choose Us? We are a rapidly developing company that is looking for new talents that will become part of the solid team that values every member and is ready to give them an exciting working experience in the fast-moving cryptocurrency industry. The company welcomes everyone willing to become a part of a digital payments market where we feature as one of the market leaders.