Application Security Engineer

Remote - Sliema, Sliema, Malta

Full Time USD 30K - 110K *
Qredo logo

Qredo

Qredo is a cross-chain protocol for asset managers and traders active in the digital asset markets. Using our institution-grade, layer 2 infrastructure, investors can now hold all their crypto assets securely in one place, with unlocked access...

View all employer listings

Apply now Apply later

At Qredo we are developing state of the art cryptographic services to solve the problem of private key management in Tier 1 blockchains. Specifically, we are using Multi-Party Computation Threshold signature scheme (MPC-TSS) for ECDSA and EdDSA to run a distributed, highly available network of signing nodes.


Responsibilities:

- Drive adoption and coverage of automated Application security testing in the Secure SDLC process and CI/CD pipelines (SAST, DAST, SCA, others).
- Perform security-related design and implementation reviews and risk analysis of the platform.
- Evaluation of security controls to insure adherence with compliance and industry best practices.
- Working with key business stakeholders to maintain and improve security activities in a timely and planned manner.
- Find and remediate security flaws across the software stack using penetration testing, vulnerability scanning and source code reviews.
- Support activities related to incorporating the Shift-left security approach.
- Maintain and improve secure coding standards and guidelines and deliver secure application development trainings.
- Develop technical documentation, including functional and system design specifications and Standard Operating Procedures as necessary.
- Work with external penetration testers to continuously improve security of the platform.
- Manage and improve our Bug Bounty program by coordinating with researchers and in-house developers, to evaluate, rank and remediate reported vulnerabilities.
- Developing and maintaining various custom automation tools to improve the capabilities and efficiency of the Application security team and the overall security of the company.
- Participate in Security incident response activities as needed.

Requirements

- Solid understanding of Information Security principles and the specific behaviours and practices that would help secure Qredo’s information assets and intellectual property.
- Experience with Secure Software Development Lifecycle methodologies and security frameworks (OWASP standards, SANS, MITRE, NIST, others).
- Ability to clearly communicate security requirements and translate them into tangible project deliverables.
- Excellent analytical skills, attention to detail, and ability to methodically troubleshoot complex issues.
- Hands-on experience with static and dynamic vulnerability identification using industry-leading scanning tools.
- Bachelor’s Degree in Computer Science, Information security or relevant professional experience;

Benefits

  • Working from home
  • Competitive Salary
  • Career Growth Opportunities



About Qredo

Qredo works at the cutting-edge of cybersecurity, decentralized finance and blockchain. We use the latest innovations in cryptography and distributed ledger technology to deliver unique solutions for securing and trading digital assets. Qredo is a well-funded, VC backed start-up with a clear mission and unprecedented demand for our products. Qredo is the ideal company for hard-working, highly creative engineering staff who enjoy working in a friendly, collaborative environment.

* Salary range is an estimate based on our salary survey at salaries.infosec-jobs.com
Job regions: Remote/Anywhere Europe
Job country: Malta
Job stats:  15  2  0
  • Share this job via
  • or

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.