Application Security Engineer

Chainalysis

United States · New York, NY, USA · Remote
Posted on Friday, May 19, 2023

Blockchain technology is powering a growing wave of innovation. Businesses and governments around the world are using blockchains to make banking more efficient, connect with their customers, and investigate criminal cases. As adoption of blockchain technology grows, more and more organizations seek access to all this ecosystem has to offer. That’s where Chainalysis comes in. We provide complete knowledge of what’s happening on blockchains through our data, services, and solutions. With Chainalysis, organizations can navigate blockchains safely and with confidence.

As an Application Security Engineer at Chainalysis, you'll be at the forefront of blockchain technology security. Your work will ensure the security and integrity of our innovative solutions, paving the way for the future of the blockchain industry. While a background in Software Development, DevOps, or Cloud Infrastructure helps, what truly matters is your understanding of cloud security best practices and application security principles. We value a diverse range of skills and perspectives, and we encourage individuals with a strong passion for security to apply.

What You'll Do:

  • Actively seek out, assess, and manage security threats in our cloud and application landscapes, orchestrating effective remediation processes.
  • Collaborate with our development, operations, and security teams, integrating secure practices into our CI/CD pipelines.
  • Manage state-of-the-art application security tools, such as JFrog Xray, SonarCloud, and Burp Suite, aligning their capabilities with our unique security needs and standards.
  • Execute thorough security assessments and penetration tests on applications and systems, proactively tackling vulnerabilities.
  • As part of a team, conduct security reviews of our new products, features, and solutions by deep-diving into code, reviewing security architectures, and running advanced security testing to ensure our innovations are secure from the ground up.
  • Craft and uphold security policies, procedures, and standards, ensuring compliance with the relevant regulatory and industry requirements.
  • Support the internal use of security tools and swiftly respond to security-related queries and concerns raised on Jira.

A background like this helps:

  • Proficient knowledge of OWASP Top 10 vulnerabilities and mitigation techniques
  • Command over web application security frameworks and tools such as Burp Suite, Nmap, and Metasploit, to protect our systems from the most sophisticated threats
  • Hands-on experience with security testing tools like SonarCloud, JFrog, Burp (or others), and the ability to weave them seamlessly into our CI/CD pipelines for comprehensive security checks.
  • DevOps experience will be extremely helpful in bridging the gap between software development, operations, and security.
  • Knowledge of secure coding practices in Python, Java, or JavaScript, with a knack for weaving security into our Agile and DevOps methodologies.
  • Prior experience in conducting security reviews of new products and features, including code inspection and advanced security testing, to ensure all our innovations are secure from inception.

To provide greater transparency to candidates, we share base salary ranges for all United States based job listings. We set standard base salary ranges for all roles based on function, level, and location, benchmarked against technology companies. Individual pay decisions are based on a number of factors, including qualifications for the role, relevant work experience, skillset, internal equity, and other factors, consistent with applicable law.

The salary range for this position is dependent on where you live within the United States. Chainalysis maintains two pay zones: Zone 1 includes team members in the New York City metro area and team members in the San Francisco Bay Area. Zone 2 encompasses all other parts of the United States. The salary ranges are:

Zone 1 $145,000 - $190,000 - $230,000

Zone 2 $127,500 - $165,000 - $203,000

Base salary is just one part of our total rewards package, which additionally includes equity, performance bonus or commissions for eligible roles, and competitive benefits.

At Chainalysis, we help government agencies, cryptocurrency businesses, and financial institutions track and investigate illicit activity on the blockchain, allowing them to engage confidently with cryptocurrency. We take care of our people with great benefits, professional development opportunities, and fun.

You belong here.

At Chainalysis, we believe that diversity of experience and thought makes us stronger. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. Some of the ways we’re ensuring we keep learning are an internal Diversity Committee, Days of Reflection throughout the year including International Women’s Day, Harvey Milk Day, World Humanitarian Day, and UN International Migrants Day, and a commitment to continue revisiting and reevaluating our diversity culture.

We encourage applicants across any race, ethnicity, gender/gender expression, age, spirituality, ability, experience and more. Additionally, if you need any accommodations to make our interview process more accessible to you due to a disability, don't hesitate to let us know. You can learn more here. We can’t wait to meet you.

Applying from the EU? Please review our Chainalysis Applicant Privacy Policy.

By submitting this application, I consent to and authorize Chainalysis to contact my former employers, and any and all other persons and organizations for information bearing upon my qualifications for employment. I further authorize the listed employers, schools and personal references to give Chainalysis (without further notice to me) any and all information about my previous employment and education, along with other pertinent information they may have, and hereby waive any actions which I may have against either party(ies) for providing a reference. I understand any future employment will be contingent on the Company receiving satisfactory employment references.