Senior Security Engineer, Application Security London (London)

Blockchain.com is the world's leading software platform for digital assets. We are looking for a Senior Application Security Engineer to join our Security team as we tackle some of the most interesting problems in the crypto space, like how do we securely scale a distributed financial platform that touches millions of people a day.

At Blockchain.com, Security is a mindset and a set of engineering approaches to better protect stakeholders, users and systems by building our creative engineering solutions to hard, sometimes previously unseen problems. The Security team is responsible for the big picture of how systems are designed for Security, and we use a breadth of tools and approaches to solve a broad spectrum of problems. Practices aimed at achieving proactive identification of potential threat actors combined with in-depth investigation of security issues into iterative improvement are key to both product security and interesting and dynamic day-to-day work.

Security at Blockchain.com is a work in progress - we are looking for an experienced, Senior Application Security Engineer to expand our Security platform and provide leadership across the Security and the broader engineering team. Are you ready for a challenge?

WHAT YOU WILL DO:

• Work closely with Engineering teams to define security requirements and perform design assessments at early stages.
• Perform code reviews across the lifecycle of products, and penetration tests on internal and Internet-facing services.
• Develop, communicate, and promote best practices for the secure development and deployment of services.
• Implement improvements in the strategy, processes and tooling, enhance the overall Secure Software Development Lifecycle process and lead the adoption of the “Security by design” principle.
• Build software and implement tooling to validate and enforce secure baselines for software development, deployment and release.
• Review development processes for security functionality and consistency and develop Security playbooks.
• Design and implement libraries and tooling for security sensitive operations (data encryption, authentication, access, logging, input validation, etc.).
• Support Engineering teams with implementing security fixes, and develop strategies to proactively secure their code.

WHAT YOU WILL NEED:

• Extensive knowledge of secure standards and practices to build software preferably in at least one JVM based language such as Java and Kotlin.
• Experience working on different kinds of assignments including code reviews, secure standard development, and building secure software.
• Proven experience implementing Security in highly regulated environments. Previous experience in cryptocurrency projects is a plus.
• Experience with OWASP, Static and Dynamic Application Security Testing (AST) and dependency validation (SCA) tools. Experience with integration into CI/CD pipelines is a plus.
• Knowledge of Security monitoring techniques and tools to provide actionable events to trigger automated detection and containment and ensure traceability across the entire stack.
• An innate curiosity, strong inclination towards best practices and thrivingness on learning new technologies.
• A pragmatic approach to developing clean solutions to complex problems.
• The foremost quality for this position or any position at Blockchain.com is integrity.

COMPENSATION & PERKS:

• Amazing and accessible office location in the heart of London.
• Unlimited vacation policy.
• Apple equipment.
• Full-time salary based on experience and meaningful equity in an industry-leading company.
• London Benefits: Private Medical Insurance (BUPA), Dental, Pension, Life, Short Term & Long Term Disability.
• The opportunity to be a key player and build your career at a rapidly expanding, global technology company in an emerging field.
• Flexible work culture.

APPLICATION:

• LinkedIn profile.
• Link to github, stackoverflow, personal website and/or blog (if applicable).

Blockchain is committed to diversity and inclusion in the workplace and is proud to be an equal opportunity employer. We prohibit discrimination and harassment of any kind based on race, religion, color, national origin, gender, gender expression, sex, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, and apprenticeship. Blockchain makes hiring decisions based solely on qualifications, merit, and business needs at the time.