Senior Security Engineer

February 13

Apply Now

Receive Emails with Similar Jobs

Zero Hash

WebsiteLinkedInAll Job Openings

Zero Hash is a company that provides infrastructure solutions for the integration of crypto and stablecoin products into various platforms. By offering API-first technology and turnkey regulatory infrastructure, Zero Hash enables businesses, especially in the fintech, payments, and banking sectors, to develop and launch crypto and stablecoin products efficiently and compliantly. Their services cover a wide range of applications including investments, trading platforms, payment gateways, and brands, focusing on simplifying the process of managing custody, liquidity, and settlement for their clients. Zero Hash supports over 60 digital assets and is operational in over 200 countries.

settlement • crypto • NFT • custody • liquidity

51 - 200 employees

💳 Fintech

₿ Crypto

🌐 Web 3

💰 $105M Series D on 2022-01

📋 Description

• Work with the product management and software engineering teams during all phases of the SDLC to ensure that applications are designed and implemented securely • Test web applications and underlying systems for vulnerabilities using both tools and manual techniques; manage the remediation of findings through resolution • Recommend code changes to eliminate vulnerabilities • Automate security tests within the CI/CD pipeline • Help develop secure coding standards and training materials based on findings seen in Zero Hash’s environment to empower engineers to write more secure code • Research vulnerabilities specific to blockchain technologies and incorporate this knowledge in Zero Hash’s security practices • Serve as an escalation point to investigate security alerts and identify incidents • Investigate vulnerability reports related to Zero Hash products and systems • Manage vendors to conduct penetration tests and other security-related projects • Participate in security helpdesk on-call rotation and manage adhoc security requests • Influence the continuous improvement of the application security program • Participate in projects such as threat modeling, vulnerability scanning, and audits.

🎯 Requirements

• 5+ years of experience as a security engineer leading projects and developing resolutions in cybersecurity • Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management. • Experience automating security tests in CI/CD pipelines & experience working with SAST and DAST testing processes and tools • Experience with building Detections against common attacks • Self-motivated and creative problem-solver able to work independently with minimal guidance • Configure, and support security and IT administration tools (e.g., MDM, IAM, EDR, SIEM, & IDPS) • May require work nights, weekends, or holidays on a rotational basis with the rest of the team to ensure 24x7 coverage. • Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly • Experience with at least several of the following is highly desirable: Java, Angular JS, REST APIs, JSON, Go, Rust, and Python • Supports the team with additional security projects, as needed • Preferred Experience with Cloud Security tools • Prior experience with threat and vulnerability management • Experience with common attack techniques and conducting penetration tests

🏖️ Benefits

• Chance to earn equity • Paid Maternity & Paternity leave (after 6 months) • WeWork Membership • WFH Yearly Stipend • L&D Yearly Stipend (after 6 months)