JobStash Logo
Search...

Senior Application Security Engineer

4 days agoSeniorSalary: 130K - 218KUS, EMEARemoteFull TimeCybersecurityJobs by Consensys

Skills

Secure CodingBug BountyAi ToolingVulnerability TriageServer-Side DevelopmentCode ReviewWeb ApplicationNode.JsVulnerability ManagementSecurity TestingMobile Application SecurityApiApplication SecurityThreat ModelingSsdlcAutomationJavascript

About the Role

You will embed security into the software development lifecycle for MetaMask products. You will review designs, perform threat modeling, conduct security testing and code reviews, and triage vulnerabilities reported through the bug bounty program. You will write code to fix vulnerabilities and build security automation and tooling, validate patches, and drive remediation within SLAs. You will liaise with engineers and ethical hackers, document findings clearly, and help prevent future issues through controls and developer education.

Requirements

  • 6+ years building and securing software, with at least 4 years in product or application security
  • Experience securing server-side applications and environments
  • Experience performing security design reviews, threat modeling, and security testing
  • Experience working with or securing JavaScript and Node.js applications in modern web environments
  • Strong coding skills in modern application stacks, ideally JavaScript and Node.js
  • Experience securing web applications and APIs
  • Solid written and verbal communication skills
  • Proactive and self-driven with ability to work effectively in a remote environment
  • Relevant knowledge of modern web and mobile application security landscape, real-world attacks and mitigations

Responsibilities

  • Determine root cause and severity of reported vulnerabilities
  • Triage bug bounty reports and interface with ethical hackers
  • Guide product engineering teams to remediation
  • Document identified vulnerabilities to enable rapid engineering action
  • Write code to support security engineering projects and fix client vulnerabilities
  • Develop AI tooling for vulnerability determination and resolution
  • Assess application security and ensure remediation within SLAs
  • Conduct design reviews, threat modeling, security testing, and code reviews
  • Identify gaps in the SSDLC and lead remediation efforts
  • Validate security patches and test for potential bypasses
  • Develop automation, security controls, and educational materials to prevent recurrence

Benefits

  • Comprehensive competitive benefits package
  • Equity
  • Access to Consensys Advance Program and Coursera learning modules
  • Unlimited vacation/holidays
  • Flexible working arrangements
  • Remote-first work
Consensys logo
Consensys
Distributed
1000 Employees

Funding

Series D ($450M)Series C ($200M)Convertible note issuance ($65M)

Investors

HSBCBLN CapitalMarshall WaceThink InvestmentsThird Point
View jobs by Consensys

Similar Jobs

OpenEden

IT Security Lead

OpenEden · 3 days ago

Wave Mobile Money Inc.

AI Security Engineer

Wave Mobile Money Inc. · 5 days ago

GoMining

SecOps Engineer

GoMining · 6 days ago

Alpen Labs

Security Protocol Engineer

Alpen Labs · 6 days ago

Liminal Custody

Senior Cloud Security Engineer

Liminal Custody · 1 week ago