Home > Find Jobs

Job Search

Back
A tropical beach
Hashgraph company logo

Hashgraph

Remote within EU or APAC

Posted on: 07 November 2024

Back Apply to job

Experience

n/a

Work

n/a

Employee Type

n/a

Salary Range

n/a

Product Security Engineer

About Hashgraph:

Hashgraph is a fast-growing software company committed to supporting, developing and servicing Hedera, an open source, proof-of-stake platform. Hedera is EVM-compatible and has been specifically built to meet the needs of enterprise and Web3 applications, which require speed, security, stability and sustainability. Hedera’s public network is governed by industry-leading organizations, spanning 11 sectors and 14 regions who oversee the development and direction of the decentralized platform.

You may find yourself doing all of the following:

  • Conducting thorough security reviews of the company's products throughout the development lifecycle, including the design, implementation, and release phases
  • Collaborating with cross-functional teams to identify security vulnerabilities and recommend mitigation strategies
  • Developing and maintaining security testing methodologies and procedures
  • Implementing and managing automated security testing tools and processes
  • Providing guidance and support to development teams on secure coding practices and security best practices
  • Staying current with industry trends and emerging threats to inform and enhance product security measures
  • Assisting in incident response activities related to product security incidents
  • Participating in security awareness training programs for internal stakeholders

Qualification Requirements:

  • Minimum 6 years of experience in application or product security, including 2-3 years of experience in software development or related field
  • Familiarity with common security vulnerabilities and attack vectors
  • Hands-on experience with security testing tools such as static analysis, dynamic analysis, and fuzzing tools
  • Strong understanding of secure coding practices and principles (mainly Java and Solidity)
  • OSWA and/or CISSP certifications are mandatory - web3 experience can be considered as an alternative if these certifications haven't been obtained

Other skills that are great to bring with you but that we can help you develop:

  • Relevant certifications (e.g., OSCP, OSEP, OSWE)
  • Experience in Bug bounty, Security Research, CVE publications, Red teaming, and attack surface management
  • Experience with cloud environments (e.g., GCP, AWS)
  • Understanding of common programming languages and scripting languages, such as Python, PowerShell, or Bash
  • Experience with containerization and orchestration technologies, such as Docker and Kubernetes, and their associated security best practices
  • Knowledge about web3 / Blockchain / Crypto


Please mention the word **REVERENT** and tag RMTg4LjE2Ni4xMDAuMTkx when applying to show you read the job post completely (#RMTg4LjE2Ni4xMDAuMTkx). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.

Tags

security
web3
training
docker
support
software
testing
java
cloud
engineer
Apply to job