Bitgo2mo ago

Application Security Engineer

Indiamid

SecurityApplication Security EngineerCybersecurity

6 views0 saves0 applied

Apply Now

Quick Summary

Requirements Summary

We are looking for teammates who share and practice our values: open communication, transparency, taking ownership, and a high level of craftsmanship.

Technical Tools

SecurityApplication Security EngineerCybersecurity

BitGo is the leading infrastructure provider of digital asset solutions, delivering custody, wallets, staking, trading, financing, and settlement services from regulated cold storage. Since our founding in 2013, we have focused on enabling our clients to securely navigate the digital asset space. With a global presence and multiple Trust companies, BitGo serves thousands of institutions, including many of the industry's top brands, exchanges, and platforms, and millions of retail investors worldwide. As the operational backbone of the digital economy, BitGo handles a significant portion of Bitcoin network transactions and is the largest independent digital asset custodian, and staking provider, in the world. For more information, visit www.bitgo.com.

We are looking for a versatile Application Security Engineer to join the team to continue to mature the application security practices at BitGo. This exciting opportunity empowers you to ensure vulnerabilities are prevented, or detected as early as possible. You get the opportunity to make a real and meaningful difference. We want you to focus on quality over noise. Automation over manual work. Your work would take place during regular business hours working with the local team. From time to time evening meetings will be necessary.

Responsibilities

~1 min read

→Assist in the development of automated security testing to validate that secure coding best practices are being used
→Assist in the creation and delivery of secure development training
→Participate in application security reviews and threat modeling, including secure code review, architectural design, and dynamic testing
→Perform application security vulnerability management
→Support the bug bounty program
→Facilitate and support the preparation of secure releases
→Support and consult with engineering teams in the area of application security and best practices
→Drive security projects from ideation to requirements to implementation
→Mature the security program through the use of the NIST CSF
→Assist in any relevant incident response activities

We are looking for teammates who share and practice our values: open communication, transparency, taking ownership, and a high level of craftsmanship. We are looking for coworkers who share our vision and mission: deliver trust in digital assets.

5+ years of experience with application security
1-2 years of experience in software development and mobile security
Familiarity with common security libraries, security controls, and common security flaws.
Experience with OWASP, static/dynamic analysis, and common security tools
A basic understanding of network and web related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, protocols)
Experience in vulnerability management lifecycle
Familiarity with cloud security controls and best practices
Experience working with developers
Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner
Preference for candidates who know some of the programming languages in use at BitGo - TypeScript, Go, Python, Java, Kotlin