- Seek Excellence.
- Be Selective To Be Effective.
- Be Highly Aligned, Loosely Coupled.
- Disagree Transparently.
- Encourage Independent Decision-Making.
- Build Dream Teams.
- Penetration testing of high priority features: product security engineers will prioritize features and applications to be tested, with specific objectives
- Adversarial Testing Campaigns: driven by threat intelligence, advanced testing techniques to uncover vulnerabilities in our products, infrastructure, or processes
- Design and implement the security testing program with guidance from the director of product security and help from product security team members
- Plan testing activities, communicate with involved teams (software engineering, SRE, ...)
- Perform security-focused code reviews
- Perform manual testing of security features such as authentication, authorization
- Perform adversarial tests in an ethical manner using manual and automated techniques, creating a repository of methods and scripts that will be augmented regularly; Provide report of vulnerabilities
- Recommend off-the shelf and specialized testing tools for the firm
- Develop an extensive knowledge of the technical architecture and business functionality of the companies products
- Help maintain and address stability of the testing environment
- Be an advocate of security testing to software engineering and product teams, and help them develop a mindset of thinking about adverse scenarios and how a system can be subverted
- Provide guidance to development and SRE teams on the mitigation of vulnerabilities
- Stay informed of the latest developments in adversarial tactics and techniques and application vulnerabilities - especially in financial and digital asset space - and adapt the strategy or tooling to address new threats
- Bachelor or post-graduate diploma in cybersecurity or technology
- 5 years experience in security research and web penetration testing
- 3 years experience with cloud and container architectures
- 2 years experience in a full-time programming role
- Programming and scripting language experience; Java, C++, Python, or similar languages
- Security certification in cybersecurity testing -or- network security -or- application security (OSWE/CEH, Network+, CSSLP)
- Attention to detail, to be able to plan and execute tests on a wide range of applications
- Excellent communication skills and the ability to collaborate effectively with cross-functional teams
- Ability to think creatively and strategically to identify flaws and vulnerabilities
- Experience with automated security testing such as DAST, SAST, SCA
- Willingness to travel up to 15% of the year
- Cryptocurrency, trading, and derivatives financial products knowledge
- Familiarity with multi-participant approvals such as MPC and multi-signature
- Competitive base salary, bonus, and equity compensation
- Flexible Time Off (i.e. unlimited paid vacation days)
- Company paid Holidays (11)
- Company paid sick leave
- Company-paid health and protective benefits for employees, partners, and other dependents
- 3% 401(k) company contribution
- Generous paid Parental Leave
- Free virtual coaching and counseling sessions through Ginger
- Opportunities to learn about the Crypto industry
- Free daily snacks in-office
- Smart, entrepreneurial, and fun colleagues
- Employee Resource Groups
-
Security Engineer
4 days ago
Alchemy New York, United Statesis to bring blockchain to a billion people. The Alchemy Platform is a world class developer platform designed to make building on the blockchain easy. We've built leading infrastructure in the space, powering over $105 billion in transactions for tens of millions of users in 99% ...
-
Security Engineer
4 weeks ago
Alchemy New York, United Statesis to bring blockchain to a billion people. The Alchemy Platform is a world class developer platform designed to make building on the blockchain easy. We've built leading infrastructure in the space, powering over $105 billion in transactions for tens of millions of users in 99% ...
-
Security Engineer
1 week ago
MedReview Inc. New York, United StatesWorkingConditions: Full-time (M-F), Office Business Settings. This is an On-Premises position. Monday through Thursday (9-5) and remote on Fridays only . · PositionSummary –The Security Engineer is responsible for securing – maintaining and monitoring MedReview's enterprise infra ...
-
Security Engineer
21 hours ago
TSR Consulting New York, United StatesAbout TSR: · TSR is a relationship-based, customer-focused IT and technical services staffing company. · For over 40 years TSR, Inc. and its wholly owned subsidiary, TSR Consulting Services, have prospered in the Information Technology staffing business, earning the respect of co ...
-
IT Security Engineer
21 hours ago
CyberTec New York, United StatesIT Security Engineer, 10 + Years · Work Location: ONSITE, Graybar Building, NYC · Desired Start Date: 3/18/2024 · Duration: 12 Months · Work hours: 40.00 · Business Organization:METROPOLITAN TRANSPORTATION AUTHORITY · Pay Rate $65 · Responsibilities include the following: ...
-
Security Engineer
1 week ago
Green Key Resources New York, United StatesDepartment: Infrastructure Services · StaffTitle: Security Engineer · Reportsto: Director of IT · FLSAStatus: Exempt · WorkingConditions: Full-time (M-F), Office Business Settings. This is an On-Premises position. Monday through Thursday (9-5) and remote on Fridays only (No excep ...
-
IT Security Engineer
2 weeks ago
NYC Health Hospitals New York, United StatesMetroPlus Health provides the highest quality healthcare services to residents of Bronx, Brooklyn, Manhattan, Queens and Staten Island through a comprehensive list of products, including, but not limited to, New York State Medicaid Managed Care, Medicare, Child Health Plus, Excha ...
-
Security Engineer
21 hours ago
Celonis GmbH New York, United StatesWe're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join ...
-
Security Engineer
2 weeks ago
TSR Consulting New York, United StatesAbout TSR: · Make your application after reading the following skill and qualification requirements for this position. · TSR is a relationship-based, customer-focused IT and technical services staffing company. · For over 40 years TSR, Inc. and its wholly owned subsidiary, TSR ...
-
Security Engineer
3 weeks ago
Datadog New York, United StatesWe are looking for a Security Engineer for the Software Integrity and Trust team to build systems that protect Datadog against various forms of supply-chain attacks. · You'll join at an ideal time to make a big impact: supply-chain attacks continue to be one of the fastest growin ...
-
Security Engineer
2 weeks ago
Wallero New York, United StatesTitle: Security Engineer · Position: Contract · PRIMARY LOCATION: New York · Note: Only who are willing work on our W2 · Description: · Highly motivated self-starter with excellent interpersonal and problem-solving skills · Bachelor s degree or equivalent work experience · Good o ...
-
Security Engineer
21 hours ago
Figma New York, United StatesFigma is growing our team of passionate people on a mission to make design accessible to all. Born on the Web, Figma helps entire product teams brainstorm, design and build better products - from start to finish. Whether it's consolidating tools, simplifying workflows, or collabo ...
-
Security Engineer
1 day ago
Alchemy New York, United StatesOur mission is to bring blockchain to a billion people. The Alchemy Platform is a world class developer platform designed to make building on the blockchain easy. We've built leading infrastructure in the space, powering over $105 billion in transactions for tens of millions of u ...
-
IT Security Engineer
1 day ago
E.L.F. Beauty, Inc. New York, United StatesAbout the Company · e.l.f. Beauty, Inc. stands with every eye, lip, face and paw. Our deep commitment to clean, cruelty free beauty at an incredible value has fueled the success of our flagship brand e.l.f. Cosmetics since 2004 and driven our portfolio expansion. Today, our mult ...
-
Security Engineer
3 weeks ago
MicroData Systems, Inc. New York, United StatesJob Description · Job DescriptionSecurity Engineer · Your Career · As a Security Engineer you will be responsible for assisting with the log migration and detection strategy of our customers. You will work closely with the technical lead to ensure that all the relevant log sourc ...
-
Security Engineer 2
2 weeks ago
Datadog New York, United StatesSecurity Engineer 2 - Adversary Simulation Operations · New York, New York, USA · We're looking for engineers with a background in offensive security in the areas of Kubernetes and container security, network penetration testing, application security and cloud infrastructure. Ex ...
-
Enterprise IT Security Engineer
3 weeks ago
Datadog New York, United StatesEnterprise IT Security Engineer · New York, NY, United States · Description · The Enterprise IT Security team is internally focused with the mission of securing the endpoints, applications, infrastructure, services and networks that Datadog employees rely on on a daily basis. T ...
-
Product Security Engineer
1 week ago
Glocomms New York, United StatesLocation: Manhattan (Midtown) | 100% Onsite · Overview: Glocomms is partnered with a premier quantitative hedge fund dedicated to leveraging advanced mathematical models and cutting-edge technology to achieve superior investment performance. · The new Product Security Engineer r ...
-
Engineer - IT Security Compliance
5 days ago
Tiffany & Co New Jersey, United States Permanent JobPosition · Seeking an Engineer - IT Compliance to join our security team. This role is part of a diverse team of Engineers tasked with maintaining and improving the compliance posture of the organization. This individual will drive resolutions to control-related matters, proacti ...
-
Network Security Engineer
2 weeks ago
CornerStone Consulting Group, Inc. in Pittsburgh, PA New York, United StatesWe are looking for candidates that have 5+ years of network security engineering experience to join our client's team as a full-time employee. Will be responsible for providing support for the enterprise network security design and monitoring activities. Should have extensive exp ...
VP, Offensive Security Engineering - New York, United States - NinjaJobs
Description
Job Description
Job DescriptionVP, Senior Offensive Security Engineer
Who We Are:
At this company we are building products and services to help the world invest in economic progress. We believe crypto and blockchain innovations will permeate and improve all aspects of our global economy. Our vision is a society where value and ownership flow as freely as information. The company is a digital asset and blockchain leader helping institutions, startups, and individuals access and navigate the crypto economy. As one of the most well-capitalized and trusted companies in the industry, we provide platform solutions custom-made for a digitally native ecosystem across three complementary operating businesses: Global Markets, Asset Management, and Digital Infrastructure Solutions. Our offerings include, amongst others, trading, lending, strategic advisory services, institutional-grade investment solutions across passive, active and venture strategies, proprietary bitcoin mining and hosting services, network validator services, and the development of enterprise custodial technology.
The Company is headquartered in New York City, with global across North America, Europe and Asia.
What We Value:
We are a diverse team of free thinkers, and fast movers united to help investors and creators energize the global economy. We are looking for individuals who thrive in a culture of builders and overachievers and embrace high performance, transparent feedback, and a mission-first approach. Our culture shapes our way of working and gets us where we want to be.
Who You Are:
The Product Security team is looking for a Senior Offensive Security Engineer to design and implement a security testing program where we will use creative adversarial techniques to uncover vulnerabilities in our products, but also dedicate a substantial amount of time to provide guidance and hands on help to engineers to remediate the issues.
Our team objective is to ensure a secure-by-design approach to all product development and operations, and we seek a strong testing practice as the final assurance that controls are implemented properly. The type of products in our scope are client facing and internal Web/APIs, blockchain applications, data lakes and integration of advanced trading architectures.
As of today we envision the development of such pillars as part of the security testing program:
As a member of the product security team, the testing engineer will be in a unique position, working closely with the software engineering, SRE, and security operations teams.
We are looking for a driven professional, with great communication and organization skills.
What You'll Do:
What We're Looking For:
Bonus Points:
The base salary ranges included below will be commensurate with candidate experience, expertise and local market. Final offer amounts are determined by multiple factors, including candidate experience and expertise. At this company, we maintain a total compensation philosophy which consists of a competitive base salary, annual bonus, and equity incentives.
Base Salary Range: $180,000 - $220,000
What We Offer: