Beschreibung

In this role, you will take charge of integrating security into the development lifecycle, lead architecture reviews, and manage vulnerabilities. Your efforts will directly enhance user protection and maintain the integrity of a global protocol.

Anforderungen

• •Pragmatic and deeply technical security engineer
• •Builder's mindset and passion for shipping secure products
• •Comfort with ambiguity and drive to secure systems
• •6+ years of hands-on experience in Product Security, Application Security, or Cloud Security
• •Proficiency in code review and development in Rust, Go, and Python
• •Extensive experience securing AWS architectures and developing secure infrastructure-as-code
• •Expertise in leading threat modeling sessions and providing actionable guidance
• •Strong background in implementing and managing security tooling (SAST, DAST, SCA)
• •Deep understanding of web and API security principles (OWASP Top 10)
• •Experience scaling a security champions program, expertise in Kubernetes (EKS) and container security

Aufgaben

• •Lead secure architecture reviews
• •Conduct threat modeling sessions for new applications and cloud services
• •Engineer automated security guardrails
• •Implement reusable libraries for developers
• •Perform security-focused code reviews in Rust, Go, and Python
• •Conduct infrastructure reviews with a security focus
• •Manage the vulnerability process from triaging bug bounty submissions
• •Drive remediation efforts with engineering teams
• •Mature the Secure SDLC program
• •Scale the bug bounty program

Tools & Technologien

Benefits