Blockdaemon is looking for a talented Security Engineer who is excited to help scale one of the largest decentralized blockchain infrastructure platforms in the world. You'll work closely with the technology organization to evaluate the design and implementation of our product offerings, help create innovative security solutions for our products, and educate our teams on secure application development and emerging threats. In addition, you will solve ambitious technical problems on the forefront of application security with a transparent and open minded team.
- Operationalizing SAST and DAST integrations into our build and deploy pipelines
- Contributing security-focused feedback to engineers during all phases of the development lifecycle
- Performing technical security assessments on our web applications, native clients, internal services, and partner applications
- Seeking out opportunities to automate processes when appropriate
- Communicating risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns
- Maintaining and creating secure development practices and programs for our engineering teams and external developers
- Acting as an ambassador for security within Blockdaemon
- Identifying emerging classes of vulnerabilities and developing solutions for them before they’re a problem
- Bachelor’s degree in Computer Science, Engineering or related field, or equivalent training, fellowship, or work experience
- 5+ years experience in security testing of web applications and native apps
- Deep understanding of web application architecture and design principles
- Strong written and verbal communication skills and ability to communicate with empathy when delivering constructive feedback regarding security matters to engineers and product designers
- Familiarity with common web application testing tools for DAST, SAST, and IAST analysis such as Burp Suite, Checkmarx, Veracode
- Knowledge of authentication mechanisms like SAML, OAuth, etc.
- Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.
- Knowledge of how to test code and applications across various platforms (iOS, Mac, Linux, Windows, Android, etc) for security and quality
- Ability to see patterns, commonalities and investigate complex issues
- Organizational skills to bring together and record detailed and accurate information about bugs and systemic issues
- Experience with GCP is a plus
- Current or former security training or certifications such as SANS GWAPT or similar is a plus
- Though this is not primarily a development role, some background in software engineering in a collaborative and dynamic environment is a plus
We Know Nodes.
Blockdaemon is the leading blockchain node infrastructure platform. Supporting 30+ protocols, 70 out-of-the-box node types, and monitoring plug-ins for cloud and on-premises services, Blockdaemon is used by exchanges, custodians, enterprises, financial institutions and 10k+ developers to connect commercial stakeholders to blockchains. Blockdaemon's mission is to simplify the process of deploying nodes and creating scalable enterprise blockchain solutions via APIs, BYOI, auto- decentralization and auto-healing of nodes.
We are rapidly growing our fully remote, decentralized team. We are made up of dedicated and passionate individuals who want to make an impact in this dynamic and emerging industry. We offer competitive salaries as well as employer contributions to health, dental, vision, life and disability insurances. At Blockdaemon, we understand that “life happens” and offer a flexible PTO policy and encourage employees to take time off when they need it.
We are an equal opportunity employer.