Your mission
We are looking for a Senior Product Security Engineer to enhance our security posture by integrating advanced security tools, implementing Zero-Trust principles, and proactively identifying and mitigating vulnerabilities. This role will play a critical part in ensuring compliance with industry security standards while fostering a culture of security best practices across development and operations.
In this role, you will:
- Integrate SCA, SAST, and DAST tools into CI/CD pipelines to ensure secure software development.
- Implement Zero-Trust security principles across infrastructure, ensuring robust access controls and identity management.
- Design and deploy secure and scalable secrets management solutions to protect sensitive data.
- Develop comprehensive threat models for all services, identifying and mitigating potential risks.
- Conduct frequent penetration testing of internal applications and services to identify vulnerabilities proactively.
- Establish unified vulnerability management pipelines, integrating and standardizing security data from multiple sources.
- Ensure compliance with industry security standards, including SOC 2, ISO 27001, and NIST frameworks.
- Collaborate with development and operations teams to advocate for security best practices and secure coding principles.
- Automate security-related tasks, leveraging scripting and security orchestration techniques.
- Research and implement emerging security technologies, particularly in blockchain and cryptographic security.
What you need to be successful:
- Experience in deploying and managing SAST, DAST, and SCA tooling within CI/CD environments.
- Strong knowledge of secure coding practices, threat modeling, and cryptography.
- Expertise in blockchain security and application security methodologies.
- Hands-on experience with AWS security best practices and cloud-native security solutions.
- Proven track record in vulnerability assessments, penetration testing, security monitoring, and incident response.
- Familiarity with key management solutions and Privileged Access Management (PAM) systems.
- Experience working with HSMs (Hardware Security Modules) or other secure computational technologies.
- Strong scripting and automation skills for security-related tasks (e.g., Python, Bash, PowerShell).
- Relevant security certifications such as OSCP, OSWE, AWS Security (preferred but not required).
- Excellent communication and collaboration skills, with the ability to work across teams and explain security concepts effectively.
- Prior experience working with cryptographic technologies or crypto-related projects is a plus.
What’s in it for you:
- Accelerate your career growth by joining one of Europe's leading cryptocurrency management platforms
- 25 vacation days per year, with an additional day for each year of service - up to 30 days
- Access to cutting-edge technologies, high levels of autonomy, and international working environment
- Flexible working hours, hybrid work setup from both our Berlin and Porto offices
- Fitness (Urban Sports Club) and mental health (Likeminded) memberships
- Hot/cold drinks and snacks in the office, and All Hands meetings once a month with pizza
