The company is an early stage, fast-growing contender to transform the antiquated user identity space by eliminating the need for passwords, with backing from top investors such as Tiger Global, Lightspeed Ventures, SV Angel, Social Capital, Northzone, Placeholder, Naval Ravikant, Alexis Ohanian, Ryan Hoover, and Balaji Srinivasan. Our mission is to safeguard the trust between users and Internet services by establishing a secure and authentic digital identity.
The company's vision is to build the passport of the internet. We are looking for team members who are not afraid to push beyond the status quo and create the most straightforward, most secure, and most long-term sustainable identity solution for app developers and end-users. This is a unique opportunity to help us disrupt the world of authentication.
We are looking for a Security Engineer who is experienced in product security and has a breadth of knowledge in best security practices. You will flow seamlessly from ensuring the security of our products and systems throughout the development life cycle (from both internal and external threats) to building out core backend systems, kick-ass features, and intuitive/performant APIs.
What you bring to the table:
Implement tools and automation to proactively detect security risks and threats for internal systems
Collaborate with other engineers to identify security gaps and integrate security into the software development process
Perform scheduled technical security exercises, security assessments, and code audits
Ensure best security practices and procedures are maintained and carried out by all engineering teams through system design input and code reviews
Work with our HackerOne program from triaging, to identifying solutions, to implementing fixes
Be the go-to expert for product security concerns on the team
Design and build backend systems that power the company's experience
Building and improving our APIs so that they are as scalable, performant, intuitive as can be
We are looking for someone who has:2+ years of work experience in any security engineering domain using SDL, threat modeling, SIEM, vulnerability scanning, pen testing, etc.
Proficient in Python, Go, and/or RubyIn-depth knowledge in secure coding practices and strong passion in helping other engineers to adopt themKeen awareness of application security, and knowledge of Open Web Application Security Project (OWASP) top 10 vulnerabilities
Relevant knowledge of modern web and mobile app security landscape, real-world attacks, and mitigations
Have hands-on experience in the public cloud environment leveraging best security practices
Experience in implementing an intrusion detection system with automated mitigation steps
DevOps experience in public cloud environments
Strong foundation in infrastructure security, applied cryptography, network, and computer security, authentication, and security protocols
Have participated in compliance audits (ex: SOC2 Type2, ISO27001, etc.)
Have a startup personality and mentality: smart, hardworking, productive, team player, integrity, can execute under pressure
The company is fully remote, though we would prefer this role specifically to be in a timezone where we can have more hours overlap with the North American team members due to the need for frequent communication and collaboration. #LI-Remote.
Make sure to follow us here to get our most live jobs https://www.linkedin.com/company/cryptorecruit
Cryptorecruit are the worlds leading specialist recruiter for the blockchain/Cryptocurrency industry. We recruit positions from CEO,CTO, Project Manager, Solidity developer, frontend and Backend Blockchain developers to marketing/sales and customer service roles. Please browse our website and at www.cryptorecruit.com to search all our job vacancies.