About Kraken
Our mission is to accelerate the adoption of cryptocurrency so that you and the rest of the world can achieve financial freedom and inclusion. In our first decade, Kraken has risen to become one of the largest, most successful and respected crypto exchanges on the planet.
We are changing the way the world thinks about finance and our range of successful products are playing a critical role in the mainstream adoption of crypto assets. We continue to trail-blaze into new territory with the introduction of Kraken Bank, providing a more seamless integration between crypto and the traditional financial system. This makes us the first crypto company (ever) to be awarded a U.S. state banking charter.
Our diverse group of 2,000+ Krakenites are distributed all over the world as part of our 'remote first' culture, united by a shared passion for delighting customers, upholding crypto values and achieving our meaningful mission. We attract people who push themselves to improve, are radically transparent and think differently in order to unlock their potential.
Crypto is a rapidly evolving industry and we’re just getting started. We’re growing fast and you're invited to join the revolution!
About The Role
The Application Security Engineer will be responsible for integrating security into the development of applications. The engineer will work closely with Kraken's Product and software development teams to threat model, vulnerability scan and penetration test the early software, system and architecture while identifying the required control points in the application stack. The engineer will also closely work with developers to diagnose, document and remediate security vulnerabilities. The engineer will also be responsible for evaluating, recommending and implementing security related software on the SDLC. Further, the engineer must be comfortable leading and training developers in secure best practices.
Requirements
- 3+ years of Development experience
- Proficient in a primary development language
- Organized, responsive problem solver
- Strong understanding of application security frameworks
- Thorough knowledge of OWASP Top 10 & ASVS
- Understanding of Security Code Reviews and
- Strong Self-started able to operate independently
- Excellent oral/written presentation skills with the ability to teach and communicate effectively to developers and leadership.
- Understanding Continuous Integrations / Testing / Delivery
- Knowledge of JIRA, Burp, Confluence, SAST, DAST
Deadline for applications: 19.11.2021.