Senior Security Engineer, Application Security
London, Miami, San Francisco, Los Angeles, Remote
Applications have closed
Blockchain.com
Blockchain.com is the world's most popular way to buy bitcoin, ethereum and more with trust. Securely store, swap, trade and buy the top cryptocurrencies.Blockchain.com is the world's leading software platform for digital assets. Offering the largest production blockchain platform in the world, we share the passion to code, create, and ultimately build an open, accessible and fair financial future, one piece of software at a time.
We are looking for a Senior Application Security Engineer to join our Security team as we tackle some of the most interesting problems in the crypto space, like how do we securely scale a distributed financial platform that touches millions of people a day.
At Blockchain.com, Security is a mindset and a set of engineering approaches to better protect stakeholders, users and systems by building our creative engineering solutions to hard, sometimes previously unseen problems. The Security team is responsible for the big picture of how systems are designed for Security, and we use a breadth of tools and approaches to solve a broad spectrum of problems. Practices aimed at achieving proactive identification of potential threat actors combined with in-depth investigation of security issues into iterative improvement are key to both product security and interesting and dynamic day-to-day work.
Security at Blockchain.com is a work in progress - we are looking for an experienced, Senior Application Security Engineer to expand our Security platform and provide leadership across the Security and the broader engineering team. Are you ready for a challenge?
WHAT YOU WILL DO:
- Work closely with Engineering teams to define security requirements and perform design assessments at early stages.
- Perform code reviews across the lifecycle of products, and penetration tests on internal and Internet-facing services.
- Develop, communicate, and promote best practices for the secure development and deployment of services.
- Implement improvements in the strategy, processes and tooling, enhance the overall Secure Software Development Lifecycle process and lead the adoption of the “Security by design” principle.
- Build software and implement tooling to validate and enforce secure baselines for software development, deployment and release.
- Review development processes for security functionality and consistency and develop Security playbooks.
- Design and implement libraries and tooling for security sensitive operations (data encryption, authentication, access, logging, input validation, etc.)
- Support Engineering teams with implementing security fixes, and develop strategies to proactively secure their code.
WHAT YOU WILL NEED
- Extensive knowledge of secure standards and practices to build software preferably in at least one JVM based language such as Java and Kotlin.
- Experience working on different kinds of assignments including code reviews, secure standard development, and building secure software.
- Proven experience implementing Security in highly regulated environments. Previous experience in cryptocurrency projects is a plus.
- Experience with OWASP, Static and Dynamic Application Security Testing (AST) and dependendency validation (SCA) tools. Experience with integration into CI/CD pipelines is a plus.
- Knowledge of Security monitoring techniques and tools to provide actionable events to trigger automated detection and containment and ensure traceability across the entire stack.
- An innate curiosity, strong inclination towards best practices and thrivingness on learning new technologies.
- A pragmatic approach to developing clean solutions to complex problems.
- The foremost quality for this position or any position at Blockchain.com is integrity.
COMPENSATION & PERKS:
- Amazing and accessible office location in the heart of London. We are also open to remote for this role.
- Unlimited vacation policy.
- Apple equipment.
- Full-time salary based on experience and meaningful equity in an industry-leading company.
- London Benefits: Private Medical Insurance (BUPA), Dental, Pension, Life, Short Term & Long Term Disability.
APPLICATION:
- LinkedIn profile.
- Link to github, stackoverflow, personal website and/or blog (if applicable).
- Favorite GIF
When you apply to a job on this site, the personal data contained in your application will be collected by one or more of the following subsidiaries of Blockchain Luxembourg S.A (each, a “Controller”):
- Blockchain Access UK Ltd.
- Blockchain (GB) Limited
- Blockchain (US), Inc.
- Blockchain (LT), UAB
You may contact our Data Protection Officer by email at dpo@blockchain.com. Your personal data will be processed for the purposes of managing Controller’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment.
Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards under the standard contractual clauses.
Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have to right to data portability. In addition, you may lodge a complaint with an EU supervisory authority.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Blockchain CI/CD Cloud Crypto Encryption GDPR GitHub Java Kotlin Monitoring OWASP Privacy Product security Strategy
Perks/benefits: Career development Equity Flex vacation Health care Insurance Team events Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Senior Cyber Security Specialist jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs