Plus
Включить Plus
Назад
Company hidden
6 дней назад

Senior Application Security Engineer (Web3)

Формат работы
remote (Global)
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
Switzerland
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Senior Application Security Engineer (Web3/Fintech): Ensuring the security of web applications, backend services, and APIs for a self-custodial financial platform with an accent on offensive security and vulnerability research. Focus on identifying security flaws before attackers, managing WAF/API firewalls, and integrating security practices into the engineering lifecycle.

Location: Remote (Global)

Company

hirify.global is building a world-leading self-custodial financial platform and hardware wallets for digital assets, operating globally with a focus on blockchain security.

What you will do

  • Perform manual and automated security testing on web applications and APIs.
  • Review new features and services to identify and mitigate security risks before and after release.
  • Manage and tune security tools including WAF, API Firewall, and Cloudflare.
  • Investigate and validate reports from bug bounty programs.
  • Collaborate with developers and QA engineers to improve security testing practices.
  • Provide practical security training and guidance to engineering teams.

Requirements

  • 3+ years of experience in Application Security, Penetration Testing, or Offensive Security.
  • Practical experience finding vulnerabilities in web applications and APIs.
  • Experience with Cloudflare security products (WAF, API Shield) or similar technologies.
  • Proficiency with vulnerability scanners, DAST tools, and other security testing solutions.
  • Experience with at least one programming language such as Python, Go, or JavaScript.

Nice to have

  • Experience participating in bug bounty programs (HackerOne, Bugcrowd, Google VRP, etc.).
  • CTF participation or other practical offensive security activities.
  • Security certifications such as OSCP, PNPT, eWPT, or similar.
  • Experience integrating security testing into CI/CD pipelines.

Culture & Benefits

  • Full remote work flexibility from any location.
  • Competitive salary paid in EURO or USDT.
  • Unlimited vacation policy.
  • Compensation for necessary technical devices for work.
  • Opportunity to participate in shaping a high-growth unicorn in the blockchain sector.

Hiring process

  • 30-minute interview with a Recruiter.
  • 1-hour technical interview with the CISO of hirify.global.
  • Offer.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →