Skip to main content
NEUN
Back to Careers

Consensys

Senior Application Security Engineer

NEW
United States, EMEAFull-timeGlobal

šŸ’° USD 130,000 - 218,000/yr

šŸ“Š MidšŸ  Remote
ActivePosted within the last 30 days

Job Description

[AI-summarized by JobStash]

You will embed security into the software development lifecycle for MetaMask products. You will review designs, perform threat modeling, conduct security testing and code reviews, and triage vulnerabilities reported through the bug bounty program. You will write code to fix vulnerabilities and build security automation and tooling, validate patches, and drive remediation within SLAs. You will liaise with engineers and ethical hackers, document findings clearly, and help prevent future issues through controls and developer education.

Requirements

  • ā—6+ years building and securing software, with at least 4 years in product or application security
  • ā—Experience securing server-side applications and environments
  • ā—Experience performing security design reviews, threat modeling, and security testing
  • ā—Experience working with or securing JavaScript and Node.js applications in modern web environments
  • ā—Strong coding skills in modern application stacks, ideally JavaScript and Node.js
  • ā—Experience securing web applications and APIs
  • ā—Solid written and verbal communication skills
  • ā—Proactive and self-driven with ability to work effectively in a remote environment
  • ā—Relevant knowledge of modern web and mobile application security landscape, real-world attacks and mitigations

Responsibilities

  • ā—Determine root cause and severity of reported vulnerabilities
  • ā—Triage bug bounty reports and interface with ethical hackers
  • ā—Guide product engineering teams to remediation
  • ā—Document identified vulnerabilities to enable rapid engineering action
  • ā—Write code to support security engineering projects and fix client vulnerabilities
  • ā—Develop AI tooling for vulnerability determination and resolution
  • ā—Assess application security and ensure remediation within SLAs
  • ā—Conduct design reviews, threat modeling, security testing, and code reviews
  • ā—Identify gaps in the SSDLC and lead remediation efforts
  • ā—Validate security patches and test for potential bypasses
  • ā—Develop automation, security controls, and educational materials to prevent recurrence

Benefits & Perks

  • ā—Comprehensive competitive benefits package
  • ā—Equity
  • ā—Access to Consensys Advance Program and Coursera learning modules
  • ā—Unlimited vacation/holidays
  • ā—Flexible working arrangements
  • ā—Remote-first work

Tech Stack

Node.jsthreat modelingweb applicationSSDLCApplication securityvulnerability managementvulnerability triageAI toolingserver-side developmentcode reviewproject:Mask Network
Expired
Search