Swirlds is hiring a

Product Security Engineer

Remote

About Hashgraph:

Hashgraph is a fast-growing software company committed to supporting, developing and servicing Hedera, an open source, proof-of-stake platform. Hedera is EVM-compatible and has been specifically built to meet the needs of enterprise and Web3 applications, which require speed, security, stability and sustainability. Hedera’s public network is governed by industry-leading organizations, spanning 11 sectors and 14 regions who oversee the development and direction of the decentralized platform.

You may find yourself doing all of the following:

  • Conducting thorough security reviews of the company's products throughout the development lifecycle, including the design, implementation, and release phases
  • Collaborating with cross-functional teams to identify security vulnerabilities and recommend mitigation strategies
  • Developing and maintaining security testing methodologies and procedures
  • Implementing and managing automated security testing tools and processes
  • Providing guidance and support to development teams on secure coding practices and security best practices
  • Staying current with industry trends and emerging threats to inform and enhance product security measures
  • Assisting in incident response activities related to product security incidents
  • Participating in security awareness training programs for internal stakeholders

Qualification Requirements:

  • Minimum 6 years of experience in  application or product security, including 2-3 years of experience in software development or related field
  • Familiarity with common security vulnerabilities and attack vectors
  • Hands-on experience with security testing tools such as static analysis, dynamic analysis, and fuzzing tools
  • Strong understanding of secure coding practices and principles (mainly Java and Solidity)
  • OSWA and/or CISSP certifications are mandatory - web3 experience can be considered as an alternative if these certifications haven't been obtained

Other skills that are great to bring with you but that we can help you develop:

  • Relevant certifications (e.g., OSCP, OSEP, OSWE)
  • Experience in Bug bounty, Security Research, CVE publications, Red teaming, and attack surface management
  • Experience with cloud environments (e.g., GCP, AWS)
  • Understanding of common programming languages and scripting languages, such as Python, PowerShell, or Bash
  • Experience with containerization and orchestration technologies, such as Docker and Kubernetes, and their associated security best practices
  • Knowledge about web3 / Blockchain / Crypto
Apply for this job

Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!

Get hired quicker

Be the first to apply. Receive an email whenever similar jobs are posted.

Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Product Security Engineer Q&A's
Report this job
Apply for this job