Your mission
We are looking for a Senior Product Security Engineer to enhance our security posture by integrating advanced security tools, implementing Zero-Trust principles, and proactively identifying and mitigating vulnerabilities. This role will play a critical part in ensuring compliance with industry security standards while fostering a culture of security best practices across development and operations.
In this role, you will:
* Integrate SCA, SAST, and DAST tools into CI/CD pipelines to ensure secure software development.
* Implement Zero-Trust security principles across infrastructure, ensuring robust access controls and identity management.
* Design and deploy secure and scalable secrets management solutions to protect sensitive data.
* Develop comprehensive threat models for all services, identifying and mitigating potential risks.
* Conduct frequent penetration testing of internal applications and services to identify vulnerabilities proactively.
* Establish unified vulnerability management pipelines, integrating and standardizing security data from multiple sources.
* Ensure compliance with industry security standards, including SOC 2, ISO 27001, and NIST frameworks.
* Collaborate with development and operations teams to advocate for security best practices and secure coding principles.
* Automate security-related tasks, leveraging scripting and security orchestration techniques.
* Research and implement emerging security technologies, particularly in blockchain and cryptographic security.
What you need to be successful:
* Experience in deploying and managing SAST, DAST, and SCA tooling within CI/CD environments.
* Strong knowledge of secure coding practices, threat modeling, and cryptography.
* Expertise in blockchain security and application security methodologies.
* Hands-on experience with AWS security best practices and cloud-native security solutions.
* Proven track record in vulnerability assessments, penetration testing, security monitoring, and incident response.
* Familiarity with key management solutions and Privileged Access Management (PAM) systems.
* Experience working with HSMs (Hardware Security Modules) or other secure computational technologies.
* Strong scripting and automation skills for security-related tasks (e.g., Python, Bash, PowerShell).
* Relevant security certifications such as OSCP, OSWE, AWS Security (preferred but not required).
* Excellent communication and collaboration skills, with the ability to work across teams and explain security concepts effectively.
* Prior experience working with cryptographic technologies or crypto-related projects is a plus.
What's in it for you:
* Accelerate your career growth by joining one of Europe's leading cryptocurrency management platforms
* 25 vacation days per year, with an additional day for each year of service - up to 30 days
* Access to cutting-edge technologies, high levels of autonomy, and international working environment
* Flexible working hours, hybrid work setup from both our Berlin and Porto offices
* Fitness (Urban Sports Club)
* Hot/cold drinks and snacks in the office, and All Hands meetings once a month with pizza