Beschreibung

In this role, you will take charge of embedding security throughout the development lifecycle, lead architecture reviews, and implement automated solutions. Your efforts will directly protect users and ensure the integrity of a global protocol.

Anforderungen

• •12+ years of hands-on experience in Product Security, Application Security, or Cloud Security
• •Proficiency in code review and development in Rust, Go, and Python
• •Extensive experience securing modern AWS architectures
• •Experience developing secure infrastructure-as-code (Terraform and CDK)
• •Expertise in leading threat modeling sessions
• •Strong background in implementing and managing security tooling (SAST, DAST, SCA)
• •Deep understanding of web and API security principles (OWASP Top 10)
• •Experience securing distributed, mobile-first systems
• •Experience scaling a security champions program (nice to have)
• •Expertise in Kubernetes (EKS) and container security (nice to have)
• •Interest in securing mobile applications or smart contracts (nice to have)

Aufgaben

• •Lead secure architecture reviews
• •Facilitate threat modeling sessions for new applications and cloud services
• •Engineer and implement automated security guardrails
• •Create reusable libraries for developers
• •Conduct deep-dive security-focused code reviews
• •Perform infrastructure reviews in Rust, Go, and Python
• •Manage the vulnerability management process
• •Triaging bug bounty submissions
• •Drive remediation efforts with engineering teams
• •Mature and scale the Secure SDLC
• •Enhance bug bounty programs

Tools & Technologien

Benefits