Senior Application Security Engineer
Posted on 1/10/2023
Oakland, CA, USA • Chicago, IL, USA • New York, NY, USA
Experience Level
Desired Skills
  • Bachelor's degree in Computer Science or a related field
  • 5+ years of experience in application security or a related field in crypto, FinTech or HealthTech
  • Strong understanding of secure software development practices and technologies, including experience with threat modeling and secure coding standards
  • Experience with code reviews and security assessments
  • Proficiency in at least one programming language, such as Java, C#, or Python
  • Experience with web application security, including experience with common vulnerabilities such as SQL injection and cross-site scripting (XSS)
  • Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams
  • CISSP, OSCP, or other relevant security certifications a plus
  • Having a history exhibiting high quality execution in our core competencies will help your case
  • Our technical space spans many Protocols, Languages, and Frameworks. Proficiency in OpenSAMM or BSIMM is required
  • Penetration testing experience both hands-on and collaborating with third parties is required
  • Application Security experience in blockchain space is nice to have
  • As a security partner, we expect you to be capable of shifting between executing on reviews, writing standards, and writing code
  • You will be the primary security expert for multiple product lines, and act as the point of contact for engineering and security
  • Perform architecture reviews, participate in security code reviews, and perform penetration testing against products prior to shipping
  • Support engineering with implementing security fixes, ensuring security scanners are utilized correctly, and develop strategies to proactively secure the architecture
  • Review development frameworks for security functionality, consistency, and uplift opportunities
  • Create threat models for products, and leverage them to prioritize remediations based on risk impact
  • Educate and train product teams on security topics and skills to extend AppSec's reach by deputizing product teams to help themselves

51-200 employees

Digital asset trading & brokerage platform
Company Overview
FalconX's mission is to build this connective tissue for open, permission-less, and truly global digital assets to be adopted by mainstream institutions at scale, today's digital infrastructure is grossly inadequate. FalconX is a digital asset trading platform that provides clients fast, secure and reliable execution using data science to eliminate slippage and hidden fees.