AppSec

Are you passionate about securing cutting-edge applications in the fast-paced world of cryptocurrency? Want to work with a talented team, enhancing security and protecting valuable assets in a growing digital landscape?

If so, we’d love to have you on board!

As an Application Security Engineer, you’ll be responsible for ensuring the safety and security of our crypto-related applications, working closely with cross-functional teams to develop and implement best practices in application security.

Responsibilities:

• Collaborate with development and DevOps teams to address security issues in the software development lifecycle.
• Conduct security architectural reviews, set security requirements, and ensure new features meet security standards.
• Create and update security policies, standards, and procedures related to secure development.
• Identify and mitigate risks associated with application infrastructure, implementing effective security measures.
• Research and improve methods for detecting security threats in the cryptocurrency industry, proposing strategies to counteract them.
• Design DevSecOps solutions, onboard and configure AppSec tools (DAST, SAST).
• Participate in Patch and Vulnerability Management processes, assessing security vulnerabilities in applications and infrastructure.
• Develop security practices for designing secure APIs.
• Stay updated on modern approaches to securing crypto-asset applications.

Requirements:

• A degree in a relevant field, such as Information Security or Computer Science.
• 5+ years of experience in Application Security.
• Proficiency in reading and understanding Bash, Python, and Go code, with the ability to identify security flaws.
• Knowledge of common security vulnerabilities and protection methods.
• Hands-on experience with security tools (SAST, DAST, SIEM, WAF, Anti-DDoS, Vulnerability Management).
• Familiarity with security standards and frameworks (NIST, MITRE, ISO 27k, PCI-DSS, OWASP ASVS, OWASP Top 10, OWASP SAMM).
• Understanding of containerization and orchestration security (Docker, K8s).
• Technical knowledge of Blockchain and cryptography, as well as best practices in securing corporate information systems (Zero Trust, 2FA/MFA, Principle of Least Privilege).
• Proficiency in technical English, for understanding documentation and communicating with international standards.

Nice-to-Have:

• Experience with API security testing.
• Understanding of SSDLC and DevSecOps processes.
• Relevant certifications (BSCP, OSWE, OSCP).
• Active profile on security learning platforms (e.g., HackTheBox).
• Participation in CTF competitions.

What We Offer:

• Fully remote position — work from anywhere!
• 28 days of paid vacation and fully paid sick leave.
• Competitive salary in USDT.
• Opportunity to work in a fast-growing and innovative cryptocurrency company