Senior Application Security Engineer (Work Location - Mumbai Office)
Mumbai, Maharashtra, India
Liminal
Create non-custodial multisig wallets for your crypto tokens. Our self-custody wallet platform makes it extremely easy and secure for individuals and businesses to manage their digital assets.
We are seeking a talented senior application security engineer to be involved in security assessment testing and procedures for our Liminal self-custodial platform. In this role, you will be responsible for analysing the functionality, designing and implementing test strategies to assess the application end to end, and validating the functionalities from the attacker's perspective. You will also be required to be involved in the SDLC process to identify and fix loopholes during the development phase. You will be required to be involved in bug bounty issues end to end and to provide guidance to the development team. To ensure success as a senior application security engineer, you should have Web, Android, and iOS application security experience and skills, a keen eye for detail, and project management skills. As a senior application security engineer, having prior experience in web and/or iOS app development would be the cherry on the cake.
- Participate in application security reviews including security code review, architectural design review, and dynamic testing.
- Implement security and cryptography solutions
- Detect design and logical vulnerabilities
- Build and maintain threat modelling framework
- Help Software Engineers in security best practices.
- Own and perform application security vulnerability management.
- Support the bug bounty program.
- Facilitate and support the preparation of security releases.
- Support and consult with Product and development teams in the area of application security.
- Assist in the creation of security training for developers.
- Assist in the development of automated security testing to validate that secure coding best practices are being used.
- Assist in Pen-testing practices (purple teaming).
- Work with external pen testing firms to manage third-party assessments
- Own the Secure SDLC process
- Taking initiatives to curb known abusive activity, and identifying unknown abuse vectors.
- Designing, researching, and executing attacks to challenge the blue team.
- Reporting on the red team engagements providing in-depth analysis of the security issues.
- Developing technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Writing comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.
- Implementing security best practices and new ideas to encourage innovation within your team.
- Making proposals across several teams on cross-functional security initiatives.
- Keeping abreast of the latest developments in crypto, DeFi and blockchain to feed the company's strategic orientations.
- Continually researching current and emerging technologies and proposing changes.
- At least 5 years of experience in the field of penetration testing.
- Must have experience in iOS and macOS libraries penetration testing
- Must have experience in web applications, web services, libraries, and SDKs penetration testing
- Experience in Software Development.
- Experience working with AWS technologies
- Familiarity with cloud security best practices.
- Familiarity with common libraries, security controls, and common security flaws.
- Deep understanding of Supply chain attacks
- Experience with OWASP, static/dynamic analysis, and common security tools.
- Deep understanding of network and web-related protocols (such as TCP/IP, UDP, IPsec, HTTP, and HTTPS).
- Experience in vulnerability management lifecycle.
- Demonstrate strong written and verbal communication skills.
- Experience implementing Security Certifications
- Understand full attack lifecycle
- BS (or equivalent) in Computer Science, Computer Engineering, or related field.
- You will be required to work from the Mumbai office (Mon-Fri), normal working hours.
- Experience in Digital Asset Wallets is a plus.
- Experience submitting security issues in cryptocurrency wallets/exchanges’ bug bounty program is a plus.
- OSCP, OSWE, GPEN or similar certification completion is a plus.
- Understanding of applied cryptography.
- Be a blockchain technology and web3 enthusiast.
Best in Class Salary
At Liminal, we appreciate good talent and ensure that our employees are compensated within salary brackets that are the best in the industry.
No need to wait till the end of the month anymore! Get your salary credited every 15 days.
We don’t like to micromanage. We believe it's impolite to ask employees to punch in & out or follow similar activities to track the number of working hours. We trust our employees to get the job done and achieve the identified goals.
A liberal ESOP policy ensures that every employee remains motivated toward the success of the organisation and does not take this as any other job task. By adopting an excellent ESOP policy, we want to ensure that our employees benefit immensely from the growth of the organisation.
Self-Managed Paid Leaves
Say bye to leave without pay! Yes, there are no limits to the number of leaves you can take. We want employees to be responsible enough to strike a good work-life balance.
Liminal Book Club
Liminalites believe in the power of reading. Whether fiction or non-fiction, reading habits can fetch maximum ROI on time and money invested. You can raise a request for a book, and it will be delivered to your doorstep. No need to return or share, it’s yours to keep forever.
We care for our beloved Liminalites. Our health insurance provides comprehensive coverage to our employees and their spouses and dependent children.
Lifetime free access
Liminal employees receive lifetime free access to the Liminal Vaults platform even after they decide to move on. Employees will additionally get Trezors / Ledgers at zero cost as a part of their onboarding. You can enjoy the benefits of the software as well as the hardware for free.
Best in Class Devices and Subscriptions
Get the best devices and tools you need to deliver your work. We provide the best subscriptions to ensure the highest levels of work efficiency.
HealthyMe Program
The challenge consists of completing exercise of any sort (physical/mental/walk/run/cycle/any sport/game) consecutively for 30 days for 30 minutes, 4 times within the 6 months, and receiving a monetary reward of $30 for each 30-day streak.
1Password is a password manager and digital vault that helps users store, manage and secure their passwords, credit cards, personal information and other sensitive data. The platform will help our employees generate strong and unique passwords, and then store and autofill them across their devices and apps with a single click.
Under the Referral Bonus Program our employees can earn incentives to introduce new talent to the organisation. The referral bonus will be credited to the employee account once the candidate completes 3 months with Liminal.
Growth Gateway Program
We believe in personal and professional growth, and we want our employees to have the tools they need to succeed. We offer a wallet of USD 400 that can be used to enrol in any learning program or certification that you desire.
Bouquet of Apps
Not just Netflix, let’s enjoy more wonderful applications. We all need a little extra help sometimes, which is why we offer a bouquet of apps covering health, knowledge, entertainment, and finance. Use any of these apps and receive a reimbursement of USD 15 per month.
Set Up Home Office
Liminal cares for your health and hence we have launched this benefit to “Set Up Home Office” for employees when they begin their journey with us. This will be a one time benefit given to the employee upon joining the Liminal family. Employees are encouraged to buy “Ergonomic furniture” that is specifically designed for efficiency and comfort in your work environment and helps you prevent stress injuries. You are allowed to buy a Chair and a Table or a Desk as suited to your needs for a comfortable working environment at home.
We Are Liminal
At Liminal, we’re building the best home for digital assets. Making them secure and efficient every day!
As a team, we strive to inspire and push you to live your dream and build a technology that challenges the status quo.
Liminal is where crypto-native citizens live. We wish to make digital assets accessible, simple, transparent, and secure.
We are an ambitious team of individuals who are chasing the Big Hairy Audacious Goals (BHAG) and we work with full authority. There are no right or wrong decisions, but only timely or late decisions.
Thus, we execute with great speed. We think, we create, we deliver, and we drive innovation.
Successful companies are built on strong and positive emotions, and we aim to drive this internally. Emotional intelligence leads to impactful results.
There may be tough days or even months, but we make sure we pull each other through a great and successful quarter. As a team, we celebrate even the small wins together.
We focus on the goal, and we ensure that the journey is fruitful too. We learn from each other’s experiences, whether success or failure, each chapter adds to a takeaway which is a useful lesson.
We share, express, and aim to achieve the planned outcome together as a team.
As a team, we are thankful to have each other's back. We are kind when we give feedback, and we take feedback positively. Liminal’s motivating culture to showcase one’s work, and share appreciation, sets us apart from others.
A seamless workflow between teams is the secret ingredient. We take ownership of our work, and ensure it's delegated with due diligence and automated in time.
“It’s not about 500 people, but 500X people that makes the difference. And, this is what we follow at Liminal.”
We Grow Together
This is the best time to join Liminal. We’re building a team that is shaping the future of secured digital transactions. This learning experience will not just enhance your professional profile, but also add value to your personal growth.
Collaborative Work Environment
We spend most of our time at work, finding answers to problems or building solutions, and hence it becomes imperative to ensure that we enjoy our time at work. We take pride in the lively culture that we have built at Liminal.
Tags: Android Application security AWS Blockchain Blue team Cloud Computer Science Crypto Cryptography Finance GPEN iOS MacOS OSCP OSWE OWASP Pentesting Red team SDLC Security assessment TCP/IP Vulnerabilities Vulnerability management