Senior Application Security Engineer

What will be my impact?

At FalconX, you’ll help create a more open financial system. In building the trading, credit and custody infrastructure, we are enabling thousands more institutions to enter the market and support a more open and accessible financial system. The world’s largest financial institutions from Wall Street to Silicon Valley will turn to you for products that provide unparalleled seamless, efficient and secure access to the cryptocurrency sector.

Job Summary:

As an Application Security Architect, you will be responsible for designing, implementing, and maintaining secure software development practices within our organization. You will work closely with software developers and other team members to ensure that our applications are secure, and you will be a key member of our security team.

Key Responsibilities:

• You will be the primary security expert for multiple product lines, and act as the point of contact for engineering and security.
• Perform architecture reviews, participate in security code reviews, and perform penetration testing against products prior to shipping.
• Support engineering with implementing security fixes, ensuring security scanners are utilized correctly, and develop strategies to proactively secure the architecture. 
• Review development frameworks for security functionality, consistency, and uplift opportunities.
• Create threat models for products, and leverage them to prioritize remediations based on risk impact.
• Educate and train product teams on security topics and skills to extend AppSec’s reach by deputizing product teams to help themselves.

Requirements:

• Bachelor's degree in Computer Science or a related field
• 5+ years of experience in application security or a related field in crypto, FinTech or HealthTech
• Strong understanding of secure software development practices and technologies, including experience with threat modeling and secure coding standards
• Experience with code reviews and security assessments
• Proficiency in at least one programming language, such as Java, C#, or Python
• Experience with web application security, including experience with common vulnerabilities such as SQL injection and cross-site scripting (XSS)
• Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams
• CISSP, OSCP, or other relevant security certifications a plus

You look like:

• Having a history exhibiting high quality execution in our core competencies will help your case.
• Our technical space spans many Protocols, Languages, and Frameworks. Proficiency in OpenSAMM or BSIMM is required. 
• Penetration testing experience both hands-on and collaborating with third parties is required. 
• Application Security experience in blockchain space is nice to have. 
• As a security partner, we expect you to be capable of shifting between executing on reviews, writing standards, and writing code.
  
  

Base pay for this role is expected to be between $190,000 and $225,000. This expected base pay range is based on information at the time this post was generated. This role will also be eligible for other forms of compensation such as a performance linked bonus, equity, and a competitive benefits package. Actual compensation for a successful candidate will be determined based on a number of factors such as skillset, experience, and qualifications.