Application Security Engineer

🌟 Join Our Team as an Application Security Engineer! 🌟

Are you passionate about securing cutting-edge applications in the fast-paced world of cryptocurrency? Want to work with a talented team, enhancing security and protecting valuable assets in a growing digital landscape? If so, we’d love to have you on board! 🚀

As an Application Security Engineer, you’ll be responsible for ensuring the safety and security of our crypto-related applications, working closely with cross-functional teams to develop and implement best practices in application security. 🔐

• 🛡️ Collaborate with development and DevOps teams to address security issues in the software development lifecycle.
• 🔍 Conduct security architectural reviews, set security requirements, and ensure new features meet security standards.
• 📄 Create and update security policies, standards, and procedures related to secure development.
• ⚠️ Identify and mitigate risks associated with application infrastructure, implementing effective security measures.
• 🔬 Research and improve methods for detecting security threats in the cryptocurrency industry, proposing strategies to counteract them.
• ⚙️ Design DevSecOps solutions, onboard and configure AppSec tools (DAST, SAST).
• 🛠 Participate in Patch and Vulnerability Management processes, assessing security vulnerabilities in applications and infrastructure.
• 🔐 Develop security practices for designing secure APIs.
• 📈 Stay updated on modern approaches to securing crypto-asset applications.

• 🎓 A degree in a relevant field such as Information Security or Computer Science.
• 🛡️ 2+ years of experience in Application Security.
• 💻 Proficiency in reading and understanding Bash, Python, and Go code, with the ability to identify security flaws.
• 🔒 Knowledge of common security vulnerabilities and protection methods.
• 🔧 Hands-on experience with security tools (SAST, DAST, SIEM, WAF, Anti-DDoS, Vulnerability Management).
• 📚 Familiarity with security standards and frameworks (NIST, MITRE, ISO 27k, PCI-DSS, OWASP ASVS, OWASP Top 10, OWASP SAMM).
• 🌐 Understanding of containerization and orchestration security (Docker, K8s).
• 🔐 Technical knowledge of Blockchain and cryptography, as well as best practices in securing corporate information systems (Zero Trust, 2FA/MFA, Principle of Least Privilege).
• 💬 Proficiency in technical English В2+
  
• Nice-to-Have: 🏅 Experience with API security testing.
  🔄 Understanding of SSDLC and DevSecOps processes.
  📜 Relevant certifications (BSCP, OSWE, OSCP).
  💻 Active profile on security learning platforms (e.g., HackTheBox).
  🏆 Participation in CTF competitions.

• 🕒 Flexible working hours, just be available during established working hours.
• 🌴 28 days of vacation per year + 12 bonus days!
• 🤒 Fully paid sick leave.
• 📝 Employment under a Service Agreement for a legal entity in Singapore.
• 💰 Salary in USDT.

👉 To respond, just scroll down the page a bit further ⬇⬇⬇