Lead Security Engineer

- Do the words - cryptocurrency- and - blockchain- excite you? Do you want to be a part of India's largest cryptocurrency exchange and shape the future of a decentralized financial world? If yes, read on.

- Founded in 2018, WazirX has over 1 million users, and that number is growing rapidly. WazirX is on a mission to make crypto accessible to everyone in India. It was recently acquired by the world's biggest cryptocurrency exchange, Binance.

- Join us for an opportunity to do the best work of your life!

About the Role:

- You will own the complete security layer and be a single point of contact for Security deliverables across the organization.

- Perform network penetration testing, system vulnerability assessment & security configuration review

- Evaluate, integrate and onboard security tools such as SAST, RASP, open-source scanning into the DevSecOps life cycle.

- Work with product development teams to encourage security as a design paradigm and establish good practices.

- Integrate automated Application Security scanning into the build CI/CD pipeline.

- Own the technical architecture discussions with engineering & product teams and develop risk mitigation plans, when needed.

- Handle regulatory audits and provide reports to the authorities for audit and compliance

- Responsible to plan future security posture to address the developing cybersecurity threat landscape.

- Maintain comprehensive documentation related to the product security processes and controls.

About You:

- Minimum of 8+ years of hands-on experience and proficiency in at least one of the following languages: Java, Python, NodeJS.

- Strong background in multiple security disciplines and technologies, including network and endpoint security, identity and access management, end-user security services, SIEM, and security automation/orchestration, including deployment in public cloud (AWS) environments.

- Experience with web technologies such as HTML, JavaScript, AngularJS, ReactJS, CSS.

- Experience with backend technologies such as Ruby on Rails, Golang etc would be an added advantage

- Understanding of cloud architectures & data security on cloud. Familiarity with security and compliance best practices

- Ability to work with minimal levels of supervision or oversight

- Experience with Application Security tools including SAST, DAST, and OSS vulnerability scanning.

- Experience working with product development teams to identify and implement security improvements.

- Knowledge and experience performing security assessments of web and mobile applications.

- Knowledge of OWASP top-10 and a deep understanding of web application and mobile app vulnerabilities.

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.