Senior Application Security Engineer

2 months, 2 weeks ago
Full-time
Senior
Cybersecurity
Consensys

Consensys

Consensys is a blockchain software company providing trusted web3 products. MetaMask, their flagship self-custodial wallet, serves over 100 million users for identity, asset management, and web3 exploration.

Internet Software & Services
251-1K
Founded 2014
$725M raised

Description

  • Determine the root cause and severity of vulnerabilities reported through the bug bounty platform.
  • Interface with ethical hackers, triage vulnerability reports, and guide engineering teams to resolution.
  • Document vulnerabilities clearly so engineering teams can act quickly.
  • Write code to support security engineering projects and fix vulnerabilities in MetaMask client applications.
  • Develop AI tooling to help determine and resolve vulnerabilities.
  • Assess security risks in applications and ensure remediation within established SLAs.
  • Support new feature development through design reviews, threat modeling, security testing, and code reviews.
  • Identify gaps in the secure software development lifecycle and lead efforts to address them.
  • Validate that security patches fully address reported vulnerabilities and check for bypasses.
  • Build automation, security controls, and developer education to prevent future vulnerabilities.

Requirements

  • 6+ years of experience building and securing software, including hands-on product or application security experience.
  • Experience securing modern backend systems, web applications, and APIs.
  • Experience performing threat modeling, security design reviews, and vulnerability assessment.
  • Experience securing JavaScript-based applications across web and/or mobile; Node.js, React, and React Native are preferred.
  • Strong coding skills with the ability to work directly with engineers to identify and fix vulnerabilities or build secure solutions.
  • Strong understanding of modern web and mobile security, including common attack vectors and mitigations.
  • Strong communication skills and the ability to influence engineering decisions in a remote environment.
  • Self-driven and proactive, with comfort operating in a high-autonomy, distributed team.
  • Alignment with Consensys’s mission and values.
  • Experience working as a software developer is preferred.
  • Familiarity with the Ethereum blockchain and decentralized applications is preferred.
  • Must be able to overlap with EU and US-Pacific time zones as needed.
  • Applicants must be willing to undergo background checks, including employment, education, and criminal record checks.

Benefits

  • US base salary range of $130,000 to $218,000, not including bonus, equity, or other benefits.
  • Remote-friendly work environment with distributed collaboration.
  • Opportunities for career growth and learning within MetaMask and Consensys.
  • High trust and autonomy in day-to-day work.
  • Exposure to new concepts, ideas, and frameworks across different projects.
  • Opportunity to contribute to products supporting one billion participants and 5 million developers.
  • Potential for bonus, equity, and other benefits.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Senior Manager, Engineering

Sumo Logic 251-1K Internet Software & Services

Sumo Logic is hiring a Senior Manager, Engineering for Application Security to lead global programs that improve product security, reliability, and operational efficiency across its cloud platform.

Agile AWS C++ Docker GCP Java Kafka Kubernetes OWASP Ruby Scala SIEM
1 day, 13 hours ago

Security Engineering - Apps and Cloud Security

CallTek 51-250 Internet Software & Services

A security engineer at the company will own cloud and application security initiatives across CSPM, CIEM, CWPP, and AppSec platforms, with a focus on securing multi-cloud environments and enabling DevSecOps.

AWS DevSecOps GCP
1 day, 13 hours ago

Senior Configuration Engineer, Product AppSec

Veeam Software 1K-5K Internet Software & Services

Veeam is hiring a Senior Configuration Engineer to lead enterprise release management and delivery automation across cloud-native, SaaS, and AI product environments.

Ansible Azure Bash CI/CD DevSecOps Docker GitOps Jenkins Kubernetes PowerShell Python Secrets Management Terraform
1 week ago

Senior Cyber-Security Operations Analyst, Product AppSec

Veeam Software 1K-5K Internet Software & Services

Veeam is hiring a Senior Cyber Security Operations Analyst to help design and scale secure Azure-based development and QA environments while improving CI/CD delivery and integrating security across the software lifecycle.

Ansible AWS Azure Bash CI/CD DevSecOps Docker GCP Git GitHub Actions Jenkins Kubernetes PowerShell Python Secrets Management Terraform
1 week ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers