Job Description
Summary
Our Security Team not only places great emphasis on credentials and expertise but also deeply values hands-on experience, rapid cognition, and dynamic learning. The challenges in the world of crypto are ever-evolving, and as such, our team prides itself on quick adaptability and robust teamwork, ensuring that we stay ahead of potential threats and always safeguard our user base.
No security practitioner wants to work in a company that no hacker would bother to hack. Crypts is a Crypto-currency company with our own Crypto Wallet, Exchange, and various Blockchain Technologies and all these are attracting top-notch hackers around the world to try to attack our system 24x7.
To keep up with the fast pace of the software development release cycle, the Application Security and DevSecOps team is expanding and hiring talented security professionals to join us and protect the company.
Responsibilities
- Discover security vulnerabilities through design review, manual source code review, and follow up on the remediation process
- Use automated tools to find security vulnerabilities in source code and/or system
- Participant in relevant agile scrum meetings and provide professional recommendations on the design of security controls, libraries, and/or protocols
- Conduct secure coding training sessions
- Implement various security control verification and risk detection by developing our own automation system
- Implement security related libraries for internal use
- Provide support on application level security monitoring, intrusion detection, and incident response
Requirements
- At least 5 years of software development experience with a focus on either Server Side Java or Rails language.
- Experience in mobile application development will be an added advantage
- We would love to hire a code reviewer with a solid background in security code review, but we are also open to candidates who have solid background in software development but no security code review experience.
- Candidates with more experience will be considered for a more senior role and title
- Good understanding of the whole software development lifecycle, CI/CD tools, cloud, Kubernetes, and various and technology stacks
- CISSP, CSSLP, OSWE is definitely an advantage
- Familiar with OWASP Top 10 is an advantage
- Proficiency in both spoken and written English. Being able to speak Mandarin will be an advantage
Benefits
- Working in a well-organized team and be able to learn how to protect an Enterprise and ship secure applications at a fast pace
- New challenges every day, but still be able to enjoy work-life balance
- Have exposure to many cutting edge technologies in the industry
- Flexible working environment with adjustable work from home arrangements
Skills
- Communications Skills
- Development
- Java