Application Security Engineer
Remote - Sliema, Sliema, Malta
QredoQredo is a cross-chain protocol for asset managers and traders active in the digital asset markets. Using our institution-grade, layer 2 infrastructure, investors can now hold all their crypto assets securely in one place, with unlocked access...
At Qredo we are developing state of the art cryptographic services to solve the problem of private key management in Tier 1 blockchains. Specifically, we are using Multi-Party Computation Threshold signature scheme (MPC-TSS) for ECDSA and EdDSA to run a distributed, highly available network of signing nodes.
- Drive adoption and coverage of automated Application security testing in the Secure SDLC process and CI/CD pipelines (SAST, DAST, SCA, others).
- Perform security-related design and implementation reviews and risk analysis of the platform.
- Evaluation of security controls to insure adherence with compliance and industry best practices.
- Working with key business stakeholders to maintain and improve security activities in a timely and planned manner.
- Find and remediate security flaws across the software stack using penetration testing, vulnerability scanning and source code reviews.
- Support activities related to incorporating the Shift-left security approach.
- Maintain and improve secure coding standards and guidelines and deliver secure application development trainings.
- Develop technical documentation, including functional and system design specifications and Standard Operating Procedures as necessary.
- Work with external penetration testers to continuously improve security of the platform.
- Manage and improve our Bug Bounty program by coordinating with researchers and in-house developers, to evaluate, rank and remediate reported vulnerabilities.
- Developing and maintaining various custom automation tools to improve the capabilities and efficiency of the Application security team and the overall security of the company.
- Participate in Security incident response activities as needed.
- Solid understanding of Information Security principles and the specific behaviours and practices that would help secure Qredo’s information assets and intellectual property.
- Experience with Secure Software Development Lifecycle methodologies and security frameworks (OWASP standards, SANS, MITRE, NIST, others).
- Ability to clearly communicate security requirements and translate them into tangible project deliverables.
- Excellent analytical skills, attention to detail, and ability to methodically troubleshoot complex issues.
- Hands-on experience with static and dynamic vulnerability identification using industry-leading scanning tools.
- Bachelor’s Degree in Computer Science, Information security or relevant professional experience;
- Working from home
- Competitive Salary
- Career Growth Opportunities
Qredo works at the cutting-edge of cybersecurity, decentralized finance and blockchain. We use the latest innovations in cryptography and distributed ledger technology to deliver unique solutions for securing and trading digital assets. Qredo is a well-funded, VC backed start-up with a clear mission and unprecedented demand for our products. Qredo is the ideal company for hard-working, highly creative engineering staff who enjoy working in a friendly, collaborative environment.
Other jobs like this
Security Engineer, Detection & ResponseAutomation AWS Bash Blockchain Crypto EDR Exploits Finance Incident response Monitoring +4
Flex hours Gear Pet friendly Snacks / Drinks Team events
Flex hours Gear Pet friendly Snacks / Drinks Team events
Security Engineer - International RemoteApplication security Artificial intelligence Golang Intrusion detection Machine Learning Monitoring Network security OWASP Python Rust +3
Career development Conferences Equity Flex hours Flex vacation +2
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Head of Information Security jobs
- Open Senior Information Security Engineer jobs
- Open Lead Security Engineer jobs
- Open Staff Security Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Cybersecurity Engineer jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Cloud Security Automation Specialist jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Azure Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cloud Security Operations Lead jobs
- Open Cybersecurity Analyst jobs
- Open DevOps-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Audits-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Security assessments-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open Encryption-related jobs
- Open CEH-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open Agile-related jobs
- Open Threat detection-related jobs
- Open Open Source-related jobs
- Open OSCP-related jobs
- Open Intrusion detection-related jobs
- Open DevSecOps-related jobs
- Open Machine Learning-related jobs