Senior Product Security Engineer

October 23, 2022 0 Comments

Strike’s mission is to build a more connected financial world.

Strike allows users to send and receive money anywhere, instantly, with no added fees. Strike is built on top of the Bitcoin network – the largest global, interoperable and open payments standard. Strike believes that open payment networks enable universal participation in the financial system, ushering in a new digital economy with truly borderless money transfers. Strike leverages Bitcoin’s open payment network to offer users the first global peer-to-peer payments app and a novel bitcoin-native payments experience.

Role:

Strike is looking to hire a senior level Product Security Engineer to help harden our products and infrastructure. You will be working directly with our engineering teams to ensure the secure design and implementation of Strike’s products, services, and infrastructure. You will be responsible for maintaining our product’s security by performing technical security assessments, threat modeling, security code reviews, and vulnerability testing.

As an early member of our security team, you will have a meaningful impact on our security priorities and direction. We are a young organization with very unique products. As such, we have an abundance of exciting security challenges and opportunities. You will have to wear many hats, and design solutions that scale.

Responsibilities:

Identify, triage, and provide remediation guidance for product and infrastructure vulnerabilitiesWork with Strike engineering teams to design more security infrastructure and productsThink like an attacker to identify weaknesses in application architectureImprove developer tooling and adoption to build a more robust SSDLCAssist incident response teams with application security expertise and toolsSupport and expand the product security engineering programs

Requirements:

3+ years working in product or application security rolesExperience auditing code and completing code reviews in languages like C#, Javascript, Swift and scripting languagesExperience with penetration testing with a focus on web application securityExperience in cloud security architecture and infrastructure (preferably GCP)Identify and prioritize risks through threat modeling exercises with engineering teamsExperience providing security knowledge and guidance to engineering teamDemonstrated understanding of web application securityStrong understanding of OWASP Top 10 vulnerabilities

Nice to have:

Technical understanding of Bitcoin and lightningExperience with security bug bountiesPublished contributions to the security communityPresentation experience at industry eventsExperience working with compliance, privacy, IT, networking or related functions

The ideal candidate application will contain a cover letter that provides a brief outline detailing a unique combination of skills, experience and how Strike would benefit from working with you.

Leave a Comment

Your email address will not be published.