Senior Product Security Engineer-Application Security at Chainalysis - Oct 24

< Back to results

Senior Product Security Engineer-Application Security


Chainalysis Jobs · Canada - Remote · Engineering & Modelling
Chainalysis logo
This job post has now expired. Please see the other Chainalysis jobs available.
Job Overview

Blockchain technology is powering a growing wave of innovation. Businesses and governments around the world are using blockchains to make banking more efficient, connect with their customers, and investigate criminal cases. As adoption of blockchain technology grows, more and more organizations seek access to all this ecosystem has to offer. That’s where Chainalysis comes in. We provide complete knowledge of what’s happening on blockchains through our data, services, and solutions. With Chainalysis, organizations can navigate blockchains safely and with confidence.

Chainalysis is seeking a dynamic and passionate Application Security Engineer with experience to join our cutting-edge team. As a trailblazer in blockchain forensics, we require a candidate with a strong understanding of application security principles, excellent communication skills, and the ability to collaborate with various stakeholders. A background in software development is valuable. In this crucial role, you will safeguard our organization's critical data and applications within cloud and application environments, contributing to the advancement of our innovative blockchain solutions.

Key Responsibilities:

  • Proactively identify, assess, and prioritize security issues in cloud and application environments, managing remediation processes
  • Collaborate with development teams to integrate security best practices throughout the application development life cycle
  • Manage and optimize application security tools, such as JFrog Xray, SonarCloud, and Burp Suite, ensuring alignment with organizational security requirements and best practices
  • Develop and maintain Software Bill of Materials (SBOMs) for applications, ensuring accurate tracking of software components and their dependencies, and perform Software Composition Analysis (SCA) on the SBOMs to identify and address potential security vulnerabilities, license compliance issues, and outdated dependencies.
  • Implement and manage security workflows and processes, focusing on application security testing to maintain a secure and compliant ecosystem
  • Develop and maintain meaningful security metrics for application security tools and testing, evaluating effectiveness and alignment with organizational security requirements and best practices
  • Provide support to internal users of security tools, promptly responding to Jira tickets assigned to the security team, ensuring effective collaboration and addressing security-related concerns
  • Conduct security assessments and penetration testing on applications and systems to identify and address vulnerabilities
  • Develop and maintain security policies, procedures, and standards to ensure compliance with regulatory and industry requirements
  • Perform comprehensive security reviews of applications hosted on AWS by threat modeling, identifying potential vulnerabilities, and providing remediation strategies.
  • Design, develop, and implement security automation using AWS security services and third-party tools to automate the security review process for applications hosted on AWS.

Key Technical Skills:

  • Knowledge of OWASP Top 10 vulnerabilities and mitigation techniques; experience identifying and exploiting common vulnerabilities in web applications and networks
  • Proficiency in web application security frameworks and tools, including Burp Suite, Nmap, Metasploit, and experience with network and application security testing
  • Familiarity with secure development practices, such as secure coding, threat modeling, and security risk assessment
  • Experience in programming languages, using secure coding practices, such as Python, Java, or Javascript, and familiarity with Agile and DevOps methodologies
  • Knowledge of containerization technologies (e.g., Docker) and orchestration platforms (e.g., Kubernetes)
  • Experience with security testing tools, including Sonarcloud, Jfrog, or Burp, and integration into CI/CD pipelines
  • Experience using GitHub for secure code development and knowledge of GitHub Actions for automated security testing and deployment pipelines
  • Experience with AWS security services and tools: Proficiency in AWS security services such as AWS Security Hub, AWS Config, AWS Inspector, and AWS GuardDuty, among others.
  • Understanding of Infrastructure as Code (IaC) security: Knowledge of best practices for securing Infrastructure as Code (IaC) scripts, such as AWS CloudFormation templates or Terraform scripts. Experience in using tools like Checkov or Bridgecrew for IaC security scanning and remediation.

More Jobs at Chainalysis


Chainalysis Overview

Chainalysis provides global law enforcement agencies, regulators, and businesses with cryptocurrency investigation and compliance solutions to help them collaborate and combat illegal cryptocurrency activities. With the support of prominent venture capital firms such as Benchmark, Chainalysis creates confidence in blockchains.

Website Twitter LinkedIn Job Archive

Chainalysis Jobs by Location

Check below to see all of the open Chainalysis jobs organised by office location.

Chainalysis Jobs by Team

Check below to see all of the open Chainalysis jobs organised by team.

Latest Crypto Blog Posts

From Blockchain To Bureaucracy: Web3 Vs Civil Service Jobs


In recent years, the job market in the UK has seen a significant evolution with the emergence of Web3 jobs alongside traditional roles in the Civil Se...

Posted by Jane Lepson · 4th November 2023 12:53 PM

The Role Of Cryptocurrency In Decentralized Digital Identity Solutions


Cryptocurrency, often associated with financial transactions and investments, has an important role to play in the development of decentralized digita...

Posted by Jackson Matlock · 2nd August 2023 12:14 PM

The Impact Of Cryptocurrencies On The Aerospace And Defense Industry: A New Era Of Innovation


Cryptocurrencies have been a game changer for the financial industry, but their impact is now being felt in other sectors as well. One such sector is ...

Posted by Jackson Matlock · 2nd August 2023 05:38 AM

Understanding Cryptocurrency Trading Regulations: Compliance And Legal Considerations


Cryptocurrency trading has become increasingly popular over the years, but it has also come under increased scrutiny from regulators and lawmakers. Un...

Posted by Sean Lakers · 1st August 2023 11:31 AM

Cryptocurrency And The Medical Industry: A New Era Of Patient Care And Innovation


Cryptocurrency and blockchain technology have been making waves in the finance industry for some time now, but their potential applications outside of...

Posted by Tommy Layton · 31st July 2023 01:38 AM

The Role Of Cryptocurrency In Decentralized Finance (DeFi) Derivatives Markets


Decentralized finance (DeFi) is an emerging sector in the cryptocurrency industry that is rapidly gaining traction. DeFi aims to provide an alternativ...

Posted by Tommy Layton · 30th July 2023 11:38 AM

The Impact Of Cryptocurrencies On The Media And Entertainment Industry: A New Era Of Creativity


The Rise of Cryptocurrencies in the Media and Entertainment Industry The rise of cryptocurrencies has not only revolutionized the financial industry ...

Posted by Ramon Cretlin · 30th July 2023 04:40 AM

Understanding Cryptocurrency Trading Platforms: From Centralized To Decentralized Exchanges


Cryptocurrency trading platforms have revolutionized the way we buy, sell, and exchange digital currencies. These platforms come in different forms, i...

Posted by Jane Lepson · 30th July 2023 07:26 AM

Cryptocurrency And The Consumer Goods Industry: A New Era Of Retail And Manufacturing


The consumer goods industry is on the verge of a major transformation, thanks to the rise of cryptocurrency. With blockchain technology enabling secur...

Posted by Ramon Cretlin · 27th July 2023 11:40 AM

The Role Of Cryptocurrency In Decentralized Intellectual Property Solutions


As the world becomes more digitized, intellectual property protection has become a more complex task. Intellectual property, including patents, tradem...

Posted by Jackson Matlock · 27th July 2023 12:14 PM