Application Security Engineer
Join our team of cryptocurrency and security professionals and get involved in this cutting-edge business project!
We are developing a fully-fledged, extremely flexible platform that enables:
1. Easy-start trading in the crypto-world and withdrawal of cash-on-demand anytime
2. Transference of all forms of value like fiat currencies, digital currencies, asset tokens or securities
3. Running stock exchange and getting real-time market pricing
4. Managing accounts and obtaining real-time balances
You will be engaged in the design and implementation of a flexible engine for the full-cycle of Initial Coin and Token Offerings (ICOs) with a unique customizable rule engine, distributed ledger technologies, mobile payment gateways, comprehensive, world-class security frameworks and lots of other tremendous features, scaling the solution.
Dev-Pro will participate in both backend and frontend development as soon as PCI DSS certification is attained.
Dev-Pro participates in both backend and frontend development. Frontend part is based on Angular 4.0, backend on ASP.NET Core. Also, the project is PCI DSS compliant.
This position will involve:
- Performing manual and automated application, APIs, web services and network vulnerability assessments and document vulnerabilities, and provide recommendations for remediation
- Performing research into potential attack vectors (such as APIs, web app, network security, etc.)
- Performing manual code reviews on systems to identify vulnerabilities, to complement automated vulnerability assessments
- Developing automated security tests that can be integrated into a product’s automated test suites
- Providing security recommendations as the subject matter expert for development teams during all phases of development
- Validating vulnerability resolutions and ensure they are deployed to production in a timely manner
- Participating in the change management process, ensuring that all releases are reviewed by security before being approved for production
- Providing guidance to application groups on application security best practices
- 3+ years’ experience in application security
- Experience with enterprise application security solutions such as HPE Fortify SSC
- Experience with Cloud solutions such as Microsoft Azure or AWS
- Experience with source control, agile development, bug tracking, build automation, and change control platforms, e.g. implementing security assessments within a continuous integration process
- Ability to work independently with minimum supervision to meet firm deadlines
- Knowledge of common web application vulnerabilities (OWASP Top 10)
- 18-20 paid time off days per year
- 5 absence due to illness days and 21 day of extraordinary medical leave per year
- Medical Insurance and Healthcare Kit
- Extensive corporate professional training programs, workshops, ESL and conferences
- Team buildings, corporate parties and Dev-Pro Hangouts
- Relocation package
- Visa support