Head of AppSec (Application Security)
Remote
Applications have closed
Parity
Parity Technologies builds core blockchain infrastructure. From Parity Ethereum, the most advanced Ethereum client, to Polkadot, the next-generation interoperable blockchain network.Parity is one of the world's most experienced core blockchain infrastructure companies, having built and pioneered some of the most advanced technologies in the blockchain sector. Parity was founded by Dr. Gavin Wood, co-founder and former CTO of Ethereum, the primary engineer behind the Ethereum Virtual Machine (EVM), inventor of the Solidity programming language, and primary author of the Ethereum Yellowpaper.
Based in Berlin, London, and Lisbon with over 340 employees worldwide, Parity has built clients for Ethereum, Bitcoin, and Zcash and has pioneered a completely new, next-generation blockchain protocol with Polkadot and the framework it’s built with, Substrate. Parity builds the open-source technologies needed to power an unstoppable, decentralized web—known as Web3—and helps developers and organizations implement and build upon the Web3 tech stack.
About the position:
Parity has a lot of products: blockchain clients written in Rust, mobile apps written in platform-native languages, browser-based tools and extensions written in JavaScript. We also maintain some crypto and networking libraries (mostly in Rust) and a blockchain framework used by several hundreds of third-party teams. All of this code needs to be consistently secured — and as a head of AppSec, it would be your job.
What you will do:
- be that important link helping security researchers (be that independent auditors, bug bounty hunters or even yourself) and engineers in charge of the code understand each other;
- help teams learn state of the art security practices and embed them into day-to-day work;
- perform a lot of threat modelling and other pre-audit documentation work to help us get most kick for the (quite significant) buck we spend on those audits;
- hone and improve our security-related processes like bug bounty and internal vulnerability response;
- and of course this is not a single-man job, so you’d be building and growing a team to help you with those challenges.
About you:
- know your security tools and approaches: you should be leading our way when setting up SAST, DAST, fuzzing, property-based testing, symbolic execution, network simulation tools and such;
- have exposure to cryptography, decentralized networking, hardware key management solutions;
- have understanding of modern blockchain tech landscape and the new classes of threats it experiences;
- have experience in threat modelling, red/blue teaming, working with best in class independent security teams and turning their findings into actual deployed fixes in our codebase;
- be able to help with hiring, lead the resulting team and set up security practices all around the company;
- be a self-starter: most of the time there would be little guidance on which areas to work on first and what to improve there. You’re expected to determine that yourself, keeping company-wide goals in mind, and drive those initiatives to completion.
Nice to have:
- Rust knowledge;
- Prior work experience in blockchain/cryptocurrency fields;
- located in or willing to relocate to Berlin, Germany;
- A background in open source software development;
- Passionate about Web 3.0 and what it represents for the future;
- Have an interest in Parity and accompanying technologies such as Substrate.
About working for us:
For everyone who joins us:
- Competitive remuneration packages, including tokens (where legally possible), based on iterative market research
- Remote-first, global working environment with flexible hours
- Collaborative, fast-paced, and self-initiating culture, designed to mimic an open source workflow
- Energising and collaborative team and company retreats all over the world
- Opportunity to learn more about Web3 while on the job, with access to some of the brightest minds in this space; we have plenty of educational initiatives such as internal sessions, all-hands, AMAs, hackathons, etc.
- Teammates who are genuinely excited about their job, impact, and Parity’s mission
- Opportunity to relocate to Germany or Portugal
For those joining us as employees in Germany, Portugal, or the U.K.:
- 28 paid vacation days per year
- Work laptop (macOS or Linux-based) and equipment to enable you to work successfully
- £2,500 yearly learning and development budget for conferences or courses of your choice
Not a perfect match to our requirements? We're still excited to receive your application and hear how you think you can help us achieve our mission.
To see how we use your data please see our Applicant Notice.
Tags: Application security Audits Blockchain Crypto Cryptography DAST JavaScript Linux MacOS Open Source Rust SAST
Perks/benefits: Career development Conferences Flex hours Flex vacation Gear Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs