Application Security Engineer (DevSecOps) - Foris Limited｜Meet.jobs

About the Company:

Crypto.com was founded in 2016 on a simple belief: it's a basic human right for everyone to control their money, data and identity. With over 10 million users on its platform today, Crypto.com provides a powerful alternative to traditional financial services, turning its vision of "cryptocurrency in every wallet" into reality, one customer at a time. Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have CCSS Level 3, ISO27001:2013 and PCI:DSS 3.2.1, Level 1 compliance. Crypto.com is headquartered in Hong Kong with satellite offices in Singapore, the United Kingdom, Australia and the United States. For more information, please visit www.crypto.com

As an Application Security Engineer, you will play a role in designing, building and automating solutions to drive improvements to our existing DevSecOps practices.

Key Responsibilities Includes

• Designing, implementing and maintaining application security tools and processes in SDLC
• Building security automation / tools to reduce security toil for developers and security team
• Evaluate new tools and conducting POCs to improve Application Security practices
• Maintaining curated secure coding cheatsheets and guidelines that are used by the development teams
• Conducting training to developers on secure coding practices
• Providing support to users of security tool platforms including troubleshooting of issues etc.
• Keep up with trends and problems in Application Security / DevSecOps

Requirements:

• Experience and working knowledge of SAST, DAST and SCA tools (including their strength and weakness)
• Experience with implementing and maintaining security tools / DevSecOps processes at enterprise level
• Experience with CI/CD tools and pipelines
• Good understanding of secure coding practices to mitigate OWASP Top 10 / API Top 10 vulnerabilities
• Capable of coding if required. Experience with Python or Go is a plus.
• 2+ Years of hands-on experience with Application Security / DevSecOps.
• If you are a developer, experience as a Security Champion is a plus

Benefits:

• We offer an attractive compensation package working in a cutting-edge field of Fintech.
• Huge responsibilities from Day 1.
• Be the owner of your own learning curve.
• The possibilities are limitless and depend on you
• You get to work in a very dynamic environment and be part of an international team
• You will get to have involvement in developing a brand new product from scratch alongside with a talented team