RecruitBlock are recruiting an Application Security Engineer for an international crypto leader who specialise in building enterprise crypto treasury management solutions.
This Málaga based blockchain company enables companies to integrate digital assets into the treasury, payroll and financial operations.
The Application Security Engineer will have a strong passion for problem solving, strong attention to detail and will work closely within the Developer and Product team with a focus on application level security. The role will can be based in Málaga with work-from-home and hybrid working options available, or remotely in Spain with office visits required.
✔ Application Security Engineer Vacancy ✔ Crypto Job ✔ B2B Software Solutions
Role:
✔ Work as part of the Security Team with a focus on application level security.
✔ Implement a software assurance model designed to address security defects early in the delivery pipeline.
✔ Perform security architecture design reviews for new features and product releases.
✔ Perform code reviews and advise developers on remediation techniques.
✔ Be an advocate for secure coding practices across all engineering teams.
✔ Facilitate internal training on various security topics to raise awareness and interest.
✔ Manage external and perform your own penetration tests and lead remediation projects to enhance existing security features.
✔ Improving the Secure Software Development Lifecycle, working with and keeping development teams up to date with secure coding practices.
✔ Create documentation and presentations for security champions on the development team.
✔ Research, learn and work with the newest tools!
Skills:
✔ Proven experience in Cybersecurity and Application development.
✔ Experience in Security Engineering, Threat Modelling, Penetration Testing and Security Code Review.
✔ Deep knowledge of common web application vulnerabilities (e.g. Injection Attacks, XSS, CSRF, etc.) and their mitigation strategies.
✔ Experience in OWASP ASVS Implementation and verification.
✔ Deep knowledge of standards and methodologies OWASP, PTES.
✔ Experience with security assessment tools like Burp Suite, OWASP ZAP, etc.
✔ Experience with secure coding practices and automating security checks in pipelines
✔ Hands-on experience implementing and tuning SAST/DAST.
✔ You have the ability to exploit security flaws on web applications and APIs manually.
✔ Passion for cryptocurrencies / blockchain a bonus.
✔ Fluent written and spoken English.
