Posted 3 Sept 2024, 6:55 pm

Product Security Engineer at Swirlds Labs

Sorry, but this job listing has expired!

About Hashgraph:

Hashgraph is a fast-growing software company committed to supporting, developing and servicing Hedera, an open source, proof-of-stake platform. Hedera is EVM-compatible and has been specifically built to meet the needs of enterprise and Web3 applications, which require speed, security, stability and sustainability. Hedera’s public network is governed by industry-leading organizations, spanning 11 sectors and 14 regions who oversee the development and direction of the decentralized platform.

You may find yourself doing all of the following:

  • Conducting thorough security reviews of the company's products throughout the development lifecycle, including the design, implementation, and release phases
  • Collaborating with cross-functional teams to identify security vulnerabilities and recommend mitigation strategies
  • Developing and maintaining security testing methodologies and procedures
  • Implementing and managing automated security testing tools and processes
  • Providing guidance and support to development teams on secure coding practices and security best practices
  • Staying current with industry trends and emerging threats to inform and enhance product security measures
  • Assisting in incident response activities related to product security incidents
  • Participating in security awareness training programs for internal stakeholders

Qualification Requirements:

  • Minimum 6 years of experience in application or product security, including 2-3 years of experience in software development or related field
  • Familiarity with common security vulnerabilities and attack vectors
  • Hands-on experience with security testing tools such as static analysis, dynamic analysis, and fuzzing tools
  • Strong understanding of secure coding practices and principles (mainly Java and Solidity)

Other skills that are great to bring with you but that we can help you develop:

  • Relevant certifications (e.g., OSCP, OSEP, OSWA, OSWE)
  • Experience in Bug bounty, Security Research, CVE publications, Red teaming, and attack surface management
  • Experience with cloud environments (e.g., GCP, AWS)
  • Understanding of common programming languages and scripting languages, such as Python, PowerShell, or Bash
  • Experience with containerization and orchestration technologies, such as Docker and Kubernetes, and their associated security best practices
  • Knowledge about web3 / Blockchain / Crypto


Please mention the word **REGARD** and tag RMzUuOTAuMTU2LjE2Mg== when applying to show you read the job post completely (#RMzUuOTAuMTU2LjE2Mg==). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.

The offering company is responsible for the content on this page / the job offer.
Source: Remote Ok