Application Security Engineer

Recruitment Room Europe provided pay range

This range is provided by Recruitment Room Europe. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

$120,000.00/yr - $160,000.00/yr

Join a team of experts to build the leading blockchain wallet infrastructure for the next financial era. As an Application Security Engineer, you report to our CISO and lead application security efforts. We're looking for a seasoned security engineer to identify and mitigate risks, address vulnerabilities, and protect client data. You will assess security risks, detect threats, and implement mitigation strategies while ensuring compliance with security policies. Advanced knowledge of API security, web-based vulnerabilities, penetration testing, and defense-in-depth strategies is essential. The ideal candidate is passionate about security, finance, and blockchain with broad expertise and a proactive approach to safeguarding systems and sensitive data. This role offers the opportunity to make a significant impact on our security posture in a fast-paced environment. Your goal: protect our software, while building security features on time.

Responsibilities

• Contribute to the team's vision for building secure and reliable products, setting roadmap priorities, and meeting deadlines with high-quality outcomes.
• Introduce innovative solutions to address application security challenges.
• Conduct security reviews, including code reviews, design reviews, and dynamic testing.
• Implement security and cryptography solutions.
• Identify design flaws and logical vulnerabilities.
• Develop and maintain a threat modelling framework.
• Guide software engineers on security best practices.
• Manage application security vulnerabilities.
• Support the bug bounty program and prepare security releases.
• Develop automated security tests to ensure secure coding practices.
• Assist in penetration testing and collaborate with external penetration testing firms.
• Oversee the Secure Software Development Lifecycle (SSDLC).
• Design, research, and execute attacks to improve defensive strategies.
• Publish blog posts and present at security conferences on discovered vulnerabilities.
• Stay abreast on developments in crypto and blockchain to guide strategic goals.

Requirements

• 8+ years of experience as a Security Engineer or in a similar role.
• 2+ years of experience in crypto, working on blockchains.
• Bachelor's degree or higher in computer science or similar field.
• Familiarity with securing APIs and smart contracts.
• Familiar with security libraries, controls, and common vulnerabilities.
• Ability to assess and prioritize threats based on potential impact.
• Strong understanding of supply chain attacks.
• Experience with penetration testing tools and methodologies.
• Familiarity with static and dynamic application security testing tools.
• Deep knowledge of network and web protocols.
• Expertise in secure networking implementation and applied cryptography.
• Experience with vulnerability management processes.
• Familiar with cloud security best practices.
• Ability to work collaboratively with development, DevOps, and product teams.
• Knowledge of industry standards like ISO 27001, NIST, or CIS.
• Understanding of compliance requirements such as GDPR, SOC 2, or PCI DSS.
• Hands-on experience with secure coding practices and secure software development lifecycle (SSDLC).
• Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
• Experience with Typescript and Rust (or similar languages).
• Relevant certifications are a plus (e.g., CISSP, CEH, OSCP, GWAPT).

Compensation & Package

• Salary: 120,000-160,000 per year (full-time work contract).
• Equity: 300-600 stock options (i.e., 0.1-0.2%) vested over 4 years.
• Location: France or EU (fully remote with optional access to office)
• Equipment: MacBook Pro and other work essentials.

Interview Process

1. Hiring Manager Interview: Intro call with Co-CEO (30 min).
2. Behavioral Interview: Personality and cognitive tests.
3. Technical Interview: Interview with the CISO - (30 mins).
4. Take Home Test: Coding test in a language of your choice.
5. Group Interview: Focus interview with hiring panel (90 min).

Followed by Reference calls and background checks.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology

Industries

Business Consulting and Services

#J-18808-Ljbffr

---