Application Security Engineer

Fireblocks

Fireblocks

Tel Aviv-Yafo, Israel
Posted on Tuesday, October 3, 2023

Founded in 2018 and already valued at over $8 billion, Fireblocks is a SaaS platform that helps companies to create innovative products on the blockchain and manage day-to-day crypto operations. Fireblocks is trusted by some of the largest financial institutions, banks, globally-recognized brands, and Web3 companies in the world, including BNY Mellon, BNP Paribas, ANZ Bank, Revolut, and thousands more, to securely scale digital asset operations through the Fireblocks Network and MPC-based wallet infrastructure. We have offices in New York, London, Tel Aviv, and Singapore, and we are continuing to expand our teams to reach new customers globally.

Job Summary:

We are seeking a highly skilled and motivated DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will be responsible for ensuring the secure and efficient operation of our software development and deployment processes. You will collaborate with cross-functional teams to integrate security practices into the development lifecycle and foster a culture of security awareness. The ideal candidate will possess a strong background in software development, SDLC security principles, and threat modeling for application-based features.

Responsibilities:

  • Design, develop, and implement secure software development and deployment pipelines, incorporating security best practices, automation, and continuous integration/continuous deployment (CI/CD) methodologies.
  • Collaborate with development, operations, security champions program, and security teams to identify and prioritize security vulnerabilities/issues, and requirements and integrate security controls into the development lifecycle.
  • Perform vulnerability assessments, and security code reviews to identify and address security vulnerabilities and risks.
  • Implement and manage security tools and technologies such as SCA, SAST, IaC, etc/
  • Develop and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry best practices.
  • Stay up to date with the latest security trends, vulnerabilities, and threat intelligence to proactively identify emerging risks and recommend security enhancements.
  • Collaborate with cross-functional teams to conduct security awareness training and promote a culture of security within the organization.

Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience) - advantage
  • Proven experience in software development, DevSecOps or a related role.
  • Strong knowledge of software development methodologies, tools, and frameworks.
  • In-depth understanding of security principles, best practices, and industry standards (e.g., OWASP, NIST, ISO 27001).
  • Experience with DevOps and CI/CD practices, including tools such GitLab/GitHub, ArgoCD.
  • Familiarity with cloud platforms (e.g., AWS, Azure, GCP and associated security controls.
  • Proficiency in scripting and programming languages (e.g., Python,NodeJS, C).
  • Strong problem-solving and analytical skills, with the ability to identify and mitigate security risks.
  • Excellent communication and collaboration skills, with the ability to work effectively in cross-functional teams.
  • Relevant certifications (e.g., Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP)) are a plus.

Fireblocks' mission is to enable every business to easily and securely access digital assets and cryptocurrencies. In order to do that, we strongly believe our workforce should be as diverse as our clients, and this is why we embrace diversity and inclusion in all its forms.

Please see our candidate privacy policy here.