Summary

We are looking for a Senior Product Security Engineer to enhance our security posture by integrating advanced security tools, implementing Zero-Trust principles, and proactively identifying and mitigating vulnerabilities. This role will play a critical part in ensuring compliance with industry security standards while fostering a culture of security best practices across development and operations.

In this role, you will:

1. Integrate SCA, SAST, and DAST tools into CI/CD pipelines to ensure secure software development.

2. Implement Zero-Trust security principles across infrastructure, ensuring robust access controls and identity management.

3. Design and deploy secure and scalable secrets management solutions to protect sensitive data.

4. Develop comprehensive threat models for all services, identifying and mitigating potential risks.

5. Conduct frequent penetration testing of internal applications and services to identify vulnerabilities proactively.

6. Establish unified vulnerability management pipelines, integrating and standardizing security data from multiple sources.

7. Ensure compliance with industry security standards, including SOC 2, ISO 27001, and NIST frameworks.

8. Collaborate with development and operations teams to advocate for security best practices and secure coding principles.

9. Automate security-related tasks, leveraging scripting and security orchestration techniques.

10. Research and implement emerging security technologies, particularly in blockchain and cryptographic security.

What you need to be successful:

1. Experience in deploying and managing SAST, DAST, and SCA tooling within CI/CD environments.

2. Strong knowledge of secure coding practices, threat modeling, and cryptography.

3. Expertise in blockchain security and application security methodologies.

4. Hands-on experience with AWS security best practices and cloud-native security solutions.

5. Proven track record in vulnerability assessments, penetration testing, security monitoring, and incident response.

6. Familiarity with key management solutions and Privileged Access Management (PAM) systems.

7. Experience working with HSMs (Hardware Security Modules) or other secure computational technologies.

8. Strong scripting and automation skills for security-related tasks (e.g., Python, Bash, PowerShell).

9. Relevant security certifications such as OSCP, OSWE, AWS Security (preferred but not required).

10. Excellent communication and collaboration skills, with the ability to work across teams and explain security concepts effectively.

11. Prior experience working with cryptographic technologies or crypto-related projects is a plus.

What’s in it for you:

1. Accelerate your career growth by joining one of Europe's leading cryptocurrency management platforms

2. 25 vacation days per year, with an additional day for each year of service - up to 30 days

3. Access to cutting-edge technologies, high levels of autonomy, and international working environment

4. Flexible working hours, hybrid work setup from both our Berlin and Porto offices

5. Fitness (Urban Sports Club) and mental health (Likeminded) memberships

6. Hot/cold drinks and snacks in the office, and All Hands meetings once a month with pizza

Skills

• AWS
• Communications Skills
• Cryptography
• Development
• Software Engineering
• Team Collaboration