Senior Security Engineer, Application Security / Red Team

BlockiFi

Jan 14

Description

Have extreme attention to detail without sacrificing execution rigor
Bias towards action and own tasks end-to-end
Work through hurdles and tactfully navigate the organization driving towards the objective
Be a doer that can get things done and unblock tasks while building deep organizational relationships along the way
Be thoughtful and analytical - ask why and challenge preconceived notions
Ability to work independently with minimal supervision
Own the company’s problems like they are your own
Obsessive drive and passion for security and building products people use

Requirements

Working knowledge of NIST, ISO, OWASP and similar frameworks
Knowledge of current threats and vulnerabilities found in financial services and crypto industries
Comfortable with Git, Jira, Jenkins or similar tools
Knowledgeable in scripting languages including but not limited to Python and Bash. Elixir is a plus
Solid experience in threat modeling and identification techniques
Ability to work with developers to resolve security issues
Experience in code reviews, vulnerability detection, and root cause analysis
Background in software development, software quality assurance, or similar engineering roles
History working with or on security operations, security engineering, or incident response teams
Hands-on experience implementing and managing static code analysis solutions such as Veracode’s SourceClear
Experience using and/or managing HackerOne or similar bug bounty programs – experience only as a hacker on these platforms is sufficient

Description

Have extreme attention to detail without sacrificing execution rigor
Bias towards action and own tasks end-to-end
Work through hurdles and tactfully navigate the organization driving towards the objective
Be a doer that can get things done and unblock tasks while building deep organizational relationships along the way
Be thoughtful and analytical - ask why and challenge preconceived notions
Ability to work independently with minimal supervision
Own the company’s problems like they are your own
Obsessive drive and passion for security and building products people use

Requirements

Working knowledge of NIST, ISO, OWASP and similar frameworks
Knowledge of current threats and vulnerabilities found in financial services and crypto industries
Comfortable with Git, Jira, Jenkins or similar tools
Knowledgeable in scripting languages including but not limited to Python and Bash. Elixir is a plus
Solid experience in threat modeling and identification techniques
Ability to work with developers to resolve security issues
Experience in code reviews, vulnerability detection, and root cause analysis
Background in software development, software quality assurance, or similar engineering roles
History working with or on security operations, security engineering, or incident response teams
Hands-on experience implementing and managing static code analysis solutions such as Veracode’s SourceClear
Experience using and/or managing HackerOne or similar bug bounty programs – experience only as a hacker on these platforms is sufficient