Senior Application Security Engineer @ FalconX

Senior Application Security Engineer

Posted on 1/10/2023

INACTIVE

Locations

Oakland, CA, USA • Chicago, IL, USA • New York, NY, USA

Experience Level

Entry

Junior

Mid

Senior

Expert

Desired Skills

C/C++/C#

Java

SQL

Python

Communications

Blockchain

Requirements

Bachelor's degree in Computer Science or a related field
5+ years of experience in application security or a related field in crypto, FinTech or HealthTech
Strong understanding of secure software development practices and technologies, including experience with threat modeling and secure coding standards
Experience with code reviews and security assessments
Proficiency in at least one programming language, such as Java, C#, or Python
Experience with web application security, including experience with common vulnerabilities such as SQL injection and cross-site scripting (XSS)
Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams
CISSP, OSCP, or other relevant security certifications a plus
Having a history exhibiting high quality execution in our core competencies will help your case
Our technical space spans many Protocols, Languages, and Frameworks. Proficiency in OpenSAMM or BSIMM is required
Penetration testing experience both hands-on and collaborating with third parties is required
Application Security experience in blockchain space is nice to have
As a security partner, we expect you to be capable of shifting between executing on reviews, writing standards, and writing code

Responsibilities

You will be the primary security expert for multiple product lines, and act as the point of contact for engineering and security
Perform architecture reviews, participate in security code reviews, and perform penetration testing against products prior to shipping
Support engineering with implementing security fixes, ensuring security scanners are utilized correctly, and develop strategies to proactively secure the architecture
Review development frameworks for security functionality, consistency, and uplift opportunities
Create threat models for products, and leverage them to prioritize remediations based on risk impact
Educate and train product teams on security topics and skills to extend AppSec's reach by deputizing product teams to help themselves

Who are we?

FalconX is one of the fastest-growing startups in FinTech. We are redefining prime brokerage from the ground up.

We are backed by some of the best investors in the world including Accel, American Express, B Capital, Coinbase, Fidelity, Lightspeed Venture Partners, Fenbushi Capital and Tiger Global Management + more yet to be publicly disclosed.

We deliver institutional digital asset traders best-in-class trading, credit, custody and structured products. We trade, lend and secure tens of billions of dollars monthly, are highly profitable, and growing fast, so we need your help!

We are data-driven. Whether it’s a growth or product decision, we believe data can always help us make more precise and informed choices.

We move fast. Speed of execution is essential for any startup, but we believe this is even more pertinent in our 24/7 industry.

We prioritize learning. Outcomes are mission-critical, but we also believe that learning in success and in failure will drive our continued success. Our industry is emergent - there’s no shortage of experiments to get involved with and to continue growing and learning together.

FalconX has offices in San Mateo, Chicago, New York, Bangalore, Malta, and Singapore.

Who is on the team?

We are entrepreneurs. Many in our company have been founders or have aspirations to eventually start their own company. We take these ambitions and experiences to bring a solutions-oriented mindset to the problems we encounter day-to-day.

We are experienced. We have been fortunate to have learned from mentors and peers at institutions such as Google, LinkedIn, JUMP Trading, Citadel, PEAK6 Investments, Goldman Sachs, Harvard Business School, Carnegie Mellon, IIT + more.

What will be my impact?

At FalconX, you’ll help create a more open financial system. In building the trading, credit and custody infrastructure, we are enabling thousands more institutions to enter the market and support a more open and accessible financial system. The world’s largest financial institutions from Wall Street to Silicon Valley will turn to you for products that provide unparalleled seamless, efficient and secure access to the cryptocurrency sector.

Job Summary:

As an Application Security Architect, you will be responsible for designing, implementing, and maintaining secure software development practices within our organization. You will work closely with software developers and other team members to ensure that our applications are secure, and you will be a key member of our security team.

Key Responsibilities:

You will be the primary security expert for multiple product lines, and act as the point of contact for engineering and security.
Perform architecture reviews, participate in security code reviews, and perform penetration testing against products prior to shipping.
Support engineering with implementing security fixes, ensuring security scanners are utilized correctly, and develop strategies to proactively secure the architecture.
Review development frameworks for security functionality, consistency, and uplift opportunities.
Create threat models for products, and leverage them to prioritize remediations based on risk impact.
Educate and train product teams on security topics and skills to extend AppSec’s reach by deputizing product teams to help themselves.

Requirements:

Bachelor’s degree in Computer Science or a related field
5+ years of experience in application security or a related field in crypto, FinTech or HealthTech
Strong understanding of secure software development practices and technologies, including experience with threat modeling and secure coding standards
Experience with code reviews and security assessments
Proficiency in at least one programming language, such as Java, C#, or Python
Experience with web application security, including experience with common vulnerabilities such as SQL injection and cross-site scripting (XSS)
Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams
CISSP, OSCP, or other relevant security certifications a plus

You look like:

Having a history exhibiting high quality execution in our core competencies will help your case.
Our technical space spans many Protocols, Languages, and Frameworks. Proficiency in OpenSAMM or BSIMM is required.
Penetration testing experience both hands-on and collaborating with third parties is required.
Application Security experience in blockchain space is nice to have.
As a security partner, we expect you to be capable of shifting between executing on reviews, writing standards, and writing code.

Base pay for this role is expected to be between $190,000 and $225,000. This expected base pay range is based on information at the time this post was generated. This role will also be eligible for other forms of compensation such as a performance linked bonus, equity, and a competitive benefits package. Actual compensation for a successful candidate will be determined based on a number of factors such as skillset, experience, and qualifications.

51-200 employees

Website

Digital asset trading & brokerage platform

Company Overview

FalconX's mission is to build this connective tissue for open, permission-less, and truly global digital assets to be adopted by mainstream institutions at scale, today's digital infrastructure is grossly inadequate. FalconX is a digital asset trading platform that provides clients fast, secure and reliable execution using data science to eliminate slippage and hidden fees.