RemoteLeaf Logo
Log in Sign up

Senior Application Security Engineer

1 week, 4 days ago
Europe, United States
Full-time
Senior
Application Security Engineer
Cybersecurity
Blockchain Ethereum JavaScript Node.js React React Native
Apply Now
Consensys

Consensys

Consensys is a blockchain software company providing trusted web3 products. MetaMask, their flagship self-custodial wallet, serves over 100 million users for identity, asset management, and web3 exploration.

Internet Software & Services
251-1K
Founded 2014
$725M raised
View All Jobs 13

Description

  • Determine the root cause and severity of vulnerabilities reported through the bug bounty platform.
  • Interface with ethical hackers, triage vulnerability reports, and guide engineering teams to resolution.
  • Document vulnerabilities clearly so engineering teams can act quickly.
  • Write code to support security engineering projects and fix vulnerabilities in MetaMask client applications.
  • Develop AI tooling to help determine and resolve vulnerabilities.
  • Assess security risks in applications and ensure remediation within established SLAs.
  • Support new feature development through design reviews, threat modeling, security testing, and code reviews.
  • Identify gaps in the secure software development lifecycle and lead efforts to address them.
  • Validate that security patches fully address reported vulnerabilities and check for bypasses.
  • Build automation, security controls, and developer education to prevent future vulnerabilities.

Requirements

  • 6+ years of experience building and securing software, including hands-on product or application security experience.
  • Experience securing modern backend systems, web applications, and APIs.
  • Experience performing threat modeling, security design reviews, and vulnerability assessment.
  • Experience securing JavaScript-based applications across web and/or mobile; Node.js, React, and React Native are preferred.
  • Strong coding skills with the ability to work directly with engineers to identify and fix vulnerabilities or build secure solutions.
  • Strong understanding of modern web and mobile security, including common attack vectors and mitigations.
  • Strong communication skills and the ability to influence engineering decisions in a remote environment.
  • Self-driven and proactive, with comfort operating in a high-autonomy, distributed team.
  • Alignment with Consensys’s mission and values.
  • Experience working as a software developer is preferred.
  • Familiarity with the Ethereum blockchain and decentralized applications is preferred.
  • Must be able to overlap with EU and US-Pacific time zones as needed.
  • Applicants must be willing to undergo background checks, including employment, education, and criminal record checks.

Benefits

  • US base salary range of $130,000 to $218,000, not including bonus, equity, or other benefits.
  • Remote-friendly work environment with distributed collaboration.
  • Opportunities for career growth and learning within MetaMask and Consensys.
  • High trust and autonomy in day-to-day work.
  • Exposure to new concepts, ideas, and frameworks across different projects.
  • Opportunity to contribute to products supporting one billion participants and 5 million developers.
  • Potential for bonus, equity, and other benefits.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Infatica

Application Security Consultant

Infatica 1-10 Internet Software & Services

Infatica.io is seeking an Application Security Consultant to assess and improve the security of its proxy services by analyzing product components, build and distribution processes, and external detection responses.

Spain Full-time Senior Application Security Engineer
Linux Machine Learning
11 hours, 37 minutes ago
Thumbtack

Staff Application Security Engineer

Thumbtack 1K-5K Construction & Engineering

Thumbtack is hiring a Security Engineer to shape application security for its cloud-based, AI-enabled home services platform as the company scales.

Remote
Full-time Lead Application Security Engineer
$221k-$286k
AWS CI/CD GCP Secrets Management
12 hours, 35 minutes ago
Prolific

Application Security Lead

Prolific 51-250 Professional Services

Prolific is hiring an Application Security Lead to own application security strategy and embed secure development practices across its engineering organization while protecting a platform that handles sensitive data at scale.

United Kingdom Full-time Lead Application Security Engineer
Burp Suite CI/CD Django GCP Kubernetes Microservices MongoDB Python Terraform Vue.js
23 hours, 46 minutes ago
Trustly

SecOps Engineer (AppSec)

Trustly 251-1K Diversified Financial Services

Trustly is seeking a remote SecOps Engineer (AppSec) to help secure its global open banking payments platform by strengthening application, cloud, and infrastructure security controls.

Brazil Full-time Mid Level Application Security Engineer
Cybersecurity GitHub Java Kubernetes Node.js OWASP Penetration Testing Python Shell Scripting
1 day ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers