We're on a mission to create the most innovative and industry-leading cryptocurrencies exchange.
Our team is globally distributed and fully remote, so excellent English communication skills are critical for when we collaborate together to develop, support, and deliver the best platform possible for our users. If you get excited about being in an industry that is breaking new ground and have a disposition of confidence towards challenging technical feats and learning new and complex products, we want to talk to you.
We’re looking for a Security QA to play a crucial role in ensuring the security and integrity of the exchange platform and its associated services & products.
Our team is globally distributed and fully remote, so excellent English communication skills are critical. The position of Security QA involves detecting and evaluating the security measures and vulnerabilities within our desktop, web, and API products. The primary goal is to identify and mitigate security risks to safeguard customer assets, and maintain the company's reputation for trustworthiness and reliability.
Key Responsibilities:
Conduct comprehensive security testing on Desktop / Web / API products to identify vulnerabilities, security flaws, and potential risks.
Use various security testing tools, methodologies, and techniques to evaluate API endpoints and data exchanges.
Perform security assessments to identify and prioritize potential vulnerabilities, such as authentication issues, injection attacks, and data leakage.
Document and report identified vulnerabilities and provide recommendations for remediation.
Conduct penetration testing to simulate real-world attacks.
Analyze our products' resilience to common attack vectors and security threats.
Analyze our products for horizontal / vertical privilege escalation vectors.
Analyze access levels to determine if the scope and request limits are sufficient and secure.
Develop detailed test cases and test scenarios to systematically evaluate the products' security posture.
Collaborate with the development and security teams to establish testing criteria and requirements.
Stay up-to-date with the latest security testing tools, techniques, and industry best practices.
Implement security testing methodologies, including OWASP Top Ten and other relevant standards.
Create clear and concise security assessment reports that highlight findings and recommendations for remediation.
Collaborate with the development and security teams to ensure vulnerabilities are properly addressed and resolved.
Implement ongoing monitoring and testing to identify new security threats and vulnerabilities.
Assist in the development and implementation of security policies and procedures.
