\n\n\nYour Role & Mission\n\nThe Senior Application Security Engineer will work with product and engineering to create a secure SDLC, design security features and implement tools, education and processes to reduce risk of security issues in the tech stack.\n\nResponsibilities\n\n\n* Select or build tooling to help developers build secure code\n\n* Provide overall security architectural advice to Engineering and IT\n\n* Manage issues sourced from penetration tests and bug bounty programs \n\n*  Participate in the security champions program\n\n* Help Product, Engineering and IT incorporate security requirements into new products from inception\n\n* Assist in the creation and maintenance of Security Risk Models for new projects and existing systems\n\n\n\n\nSkills & Competencies\n\n\n* 5+ Years of Web Application Security experience\n\n* Strong experience with vulnerability management, or penetration testing is required.\n\n* Extensive experience in conducting Architectural Reviews and Threat Models frequently is required. \n\n* Strong knowledge of common AppSec issues and tooling (e.g. SCA, SAST, DAST)\n\n* Strong Linux knowledge is a plus. \n\n* Experience with cloud services, ideally GCP is plus. \n\n* Strong software development skills ideally in Ruby, Node Secondary\n\n* Strong Communication and Influencing skills\n\n* Should have worked in SaaS environment. \n\n* Should have extensive knowledge of Open Redirect, OAuth, and CSRF. \n\n* Certifications: OSCP/OSWE/CEH: At least 1 Certification is a plus. \n\n\n\n\n#LI-JM1\n\n \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Design, SaaS, Testing, Education, Cloud, Node, Senior, Engineer and Linux jobs that are similar:\n\n $60,000 — $100,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nBuenos Aires, Buenos Aires, Argentina

\nThe opportunity\n\n\nWe’re looking for a Full-Stack Engineer to elevate Chord as the leader in customer data platforms. You’ll join a growing team that is building a platform to empower modern and omnichannel brands with smart technology, unique customer experiences, and insightful data.\n\n\nIn this role, you will be responsible for building Chord’s storefront data SDK, which captures customer behavior on merchant’s ecommerce stores and feeds it into our data warehouse. You will also have an opportunity to expand our data reporting and administration portal, where merchants view key performance metrics necessary to grow their revenue. \n\n\nThis is a perfect opportunity for engineers who thrive on big data problems; using data to generate insights that lead to actions. As an early-stage technology startup, you will have an opportunity to influence the culture and practices of the Engineering team. You will have an instrumental role in the design and implementation of our flagship products. If you’re curious, willing to learn, humble, and a good team player, you’ll be at home here at Chord. \n\n\nAs a Full-Stack Engineer, you will be a key member of the Engineering team and will report to the Engineering Manager. You will work in a group with senior and principal engineers responsible for the end-to-end development of Chord’s software products. You will also regularly collaborate with members of our Product and Customer Success teams to contribute to product design and support customers.\n\n\nChord offers advanced technology for modern brands that want amazing customer experiences and unified data without a large engineering team. We like to think of our product as the tech engine for high-velocity e-commerce growth. Backed by top investors, Chord is a SaaS company led by industry veterans, and we’re seeking smart, focused, creative talent to help us realize our vision. \n\n\nOur company is proudly remote-first, distributed across North America. \n\n\n\nAs a Full-Stack Engineer, you will:\n* Design, build, and grow our proprietary storefront data capture SDK.\n* Design, build, and grow our analytics and data management platform.\n* Support projects to launch customers onto Chord’s platforms.\n* Analyze and resolve technical issues that arise during production operations.\n* Contribute to technical design discussions and proposals that improve our team's culture, processes, or architecture.\n* Collaborate within a cross-functional project and operations team to execute product plans and achieve company goals.\n* Learn and practice Chord’s engineering principles through pairing sessions with developers.\n* Support the growth of engineers around you.\n* Contribute to tutorials and documentation that our customers will love using.\n\n\n\nTo be successful in this role, you’ll need: \n* A reputation for being inclusive, curious, entrepreneurial, and thoughtful.\n* Proficiency in Javascript and Typescript.\n* Experience working with Node and React/Redux-based frameworks.\n* Skill in authoring and maintaining GraphQL or RESTful-based APIs. \n* Expertise in writing tests with tools such as Jest, Cypress, and React Testing Library.\n* Experience publishing and maintaining JS libraries. \n* Experience with CI/CD and DevOps tools like Github, Sentry, and CircleCI.\n\n\n\nBonus points for:\n* Proficiency in Ruby on Rails and common frameworks/integrations such as Solidus, RSpec, FactoryBot.\n* DevOps experience with Heroku, AWS (Lambda, API Gateway, RDS).\n* Experience creating metrics and monitors in Datadog.\n* Experience with static website libraries such as Gatsby and NextJS.\n* Skill in building integrations using middleware platforms such as Segment.\n* Background working with payment processors such as Stripe and Braintree.\n* Familiarity with modern CMS systems like Contentful or Sanity. \n* Hands-on experience with complex ecommerce experience is a big plus. \n\n\n\nWorking at Chord, you can expect: \n* An investment in your physical and mental well-being; we offer 100% employee Medical Benefits coverage, with 69% dependant coverage. \n* Flexible PTO; we encourage you to take the time you need to be your best self at work. \n* An onboarding package and annual work from home stipend to ensure you have everything you need to be successful while working remote. \n* Generous Parental Leave with customizable transition back to work program.\n* To make an impact! We’re an early-stage company, which means there is space to champion ideas, and create and lead initiatives at any level in the Organization. \n* The benefits of working from home, with opportunities to spend quality time with the team at Chord in-person events throughout the year.\n\n\n\n\n$145,000 - $170,500 a yearThis is the expected salary range for US-based employment. \nThis is a full-time, salaried position that includes Equity. We set standard ranges for all roles based on function, level, and geographic location, benchmarked against similar-stage growth companies in our market. This salary range represents the full salary range for the position. The starting base pay offered may vary depending on factors including experience, expertise, market demands, and internal parity. \n\nAbout your application and the interview process\n\n\nChord is an equal opportunity employer, and we value diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you’re unsure about your qualifications for this position, we still encourage you to apply. \n\n\nOur interview process for the role begins with an exploratory conversation with the Hiring Manager. After that, we’ll invite you to a Zoom session with a range of stakeholders from across our organization. We aim to get to know you and allow you to learn more about our team and product while being respectful of your time. \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Design, SaaS, React, GraphQL, Testing, DevOps, JavaScript, Node, Ruby, API, Senior, Engineer and Ecommerce jobs that are similar:\n\n $60,000 — $110,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nNew York, New York

\nChainSafe is a leading blockchain research and development firm specializing in infrastructure solutions for the decentralized web. Alongside its contributions to significant ecosystems such as Ethereum, Polkadot, Filecoin, Mina, and more, ChainSafe creates solutions for developers and teams across the web3 space utilizing our expertise in bridging, gaming, NFTs, and decentralized storage. As part of the mission to build innovative products for users and better tooling for developers, ChainSafe embodies an open-source and community-oriented ethos.\n\nTo learn more about ChainSafe, look at our Discord, GitHub, and website.\n\nHere’s what you need to know before reading on:\n\n\n* Our progressive tech stack includes Go, Rust, and TypeScript\n\n* We spearhead ecosystem projects like Lodestar, Web3.js, Forest, Mina-rs, and Gossamer\n\n* We are global, remote-friendly, and open to contractors\n\n* You’ll form part of the Sygma Engineering team, our bridging protocol\n\n* At Sygma we believe that cross-chain interoperability is the fundamental enabler for the next wave of growth in the blockchain industry. Sygma will empower builders to create streamlined experiences where users are not confined to one ecosystem. By enabling elaborate cross-chain functionality and putting most of the steps under the hood, Sygma will enable smooth, web2-like user experiences. For more information about Sygma please visit buildwithsygma.com\n\n\n\n\nAt ChainSafe, you’ll be part of a team that believes in the community's vital importance and contributes to advancing humanity with open-source and decentralized technology.\nAbout the role\n\nAs our Senior BlockOps engineer for Sygma, our cross-chain interoperability protocol, you will play a vital role in our dedicated BlockOps team, defining and implementing best-practice strategies and guides to manage and optimize our infrastructure.\n\nThe BlockOps team supports the critical systems, services, and tooling at the foundation of Sygma’s mission, to abstract away all the complexities of cross-chain interoperability to enable users to ‘deposit from anywhere’. We enable Sygma’s engineers to design, develop, and operate services quickly, safely, securely, and reliably. BlockOps teams build and maintain the platforms critical to the existence of Sygma.\n\nYour expertise will undoubtedly contribute to the sophistication of blockchain applications and redefine the boundaries of what's possible within this emerging technological sphere. All work across Sygma will be open-source, ensuring expansive opportunities for deep contribution and collaborative efforts across various web3 blockchains and ecosystems.\nResponsibilities\n\nWhat you will be doing\n\n\n* Ensure reliable operation of the company’s distributed Relayer nodes operations across various blockchain networks (EVM, Substrate, Cosmos SDK) while adhering to internal SLAs and committed KPIs\n\n* Design and implement procedures related to Sygma’s Relayer node operations (deployment and upgrade, incident response, and key management)\n\n* Build monitoring and observability for various Sygma services including a distributed set of relayers and various blockchain full nodes.\n\n* Provide training and guidance for other members of the infrastructure team, ensuring round-the-clock node operation and incident response.\n\n* Document and communicate technical details via open-source documentation\n\n* Collaborate with various internal teams and the wider community to build, expand, and scale Sygma’s architecture, by tapping into new trends and opportunities highlighted by internal data, blockchain research, and the wider blockchain ecosystem\n\n\n\nRequirements\n\n\n* Solid dev. experience with Golang\n\n* Experience working with AWS services\n\n* Demonstrable experience with modern Infrastructure as Code (IaC) tools (Terraform, Helm, Ansible, etc), automating deployment, and best CI/CD practices and tools.\n\n* Experience with monitoring and alerting tools (DataDog, Grafana, Prometheus, etc.)\n\n* Experience implementing distributed tracing, monitoring, and logging systems using OpenTelemetry Protocol\n\n* Experience building and participating in incident response systems (PagerDuty, etc) and handling the emergency response to production environment failures.\n\n* In-depth knowledge of distributed systems and blockchain technology.\n\n* Excellent communication skills with the ability to document and convey technical details clearly\n\n* Ability to work autonomously as well as with the wider team\n\n\n\nAs a plus:\n\n\n* TypeScript, Solidity, or Rust is a big plus\n\n* Experience with specifying, procuring, and setting up infrastructures for Blockchain validator nodes, and managing them across several blockchain networks.\n\n* Experience automating network deployment and testing of SmartContracts with various tools (Truffle, HardHat, Foundry, Anvil)\n\n* Understanding at least two of the following domains - Web Security, Web3 Security, Cloud Security, Systems Security, and Applied Cryptography.\n\n\n\nHiring Steps\n\n\n* Selected candidates will be invited to a 30–to–45–minute screening call with one of our tech recruiters\n\n* Next, candidates will be invited to a 60-minute values interview with one of our team members\n\n* Technical 60-minute interview with one of our engineers\n\n* Then, candidates will be asked to complete a technical task in under 10-15 hours, but we provide up to 5 business days to complete it\n\n* After the completion of the test assignment call with Engineering team to discuss the results, for 60 minutes.\n\n* Lastly, candidates will be invited to a 60-minute interview with the hiring team members\n\n\n\n\nWhy Join ChainSafe\n\nFounded by developers for developers, ChainSafe is a remote-first company with an international team. We continue to provide opportunities for personal and professional growth, value autonomy and responsibility, have a results-driven environment, and offer flexible work hours.\n\nWe care deeply about our values and look for these attributes in every new team member. In addition, we recognize the benefits of cultivating a diverse team and aspire to embed respect for all people into our culture. We encourage women, the LGBTQIA+ community, people of colour, and members of any other group underrepresented in the blockchain space (or tech in general) to apply.\n\nHow to Apply\n\nPlease fill out the Greenhouse application form below and ensure that you attach your resume and link your Github/Gitlab profile or any software project you have contributed to (if applicable).\n\n\n\n\n\n  \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Web3, Testing, Cloud, Node, Senior and Engineer jobs that are similar:\n\n $60,000 — $97,500/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nBerlin, Berlin, Germany

\nWHAT IS BOX? \n\nBox is the market leader for Cloud Content Management. Our mission is to power how the world works together. Box is partnering with enterprise organizations to accelerate their digital transformation by creating a single platform for secure content management, collaboration and workflow. We have an amazing opportunity to further establish ourselves as leaders in the space, and we need strong advocates to help us achieve that goal. \n\nBy joining Box, you will have the unique opportunity to help capture a majority of this developing market and define what content management looks like for the digital enterprise. Today, Box powers over 100,000 businesses, including 69% of the Fortune 500 who trust Box to manage their content in the cloud. \n\nWHY BOX NEEDS YOU \n\nBox is looking for a thought leader to lead the way to proactively discover and to implement solutions that automate, scale and enhance objectivity.\n\nWe’re looking for someone who is just as passionate about automating key areas of the Secure Software Development Lifecycle (SDLC) to securely build and fortify our applications.\n\nWHAT YOU'LL DO \n\n\n* Provide thought leadership in the areas of innovative DevSecOps automation, tool optimization, application vulnerability management and strategies for risk reduction\n\n* Implement tooling within CI/CD pipeline, limit manual testing and troubleshooting\n\n* Own and propose data-driven enhancement strategies for dynamic (DAST), static (SAST), open source application security testing (SCA) and container security scanning including troubleshooting, and continuous process improvement\n\n* Develop strategy to automate software security vulnerability verification within throughout the development process\n\n* Build security scanning tools to automate discovery of vulnerabilities not available in existing tooling\n\n* Analyze designs and implementation of security controls in Automated DevOps environments and pipelines\n\n\n\n\nWHO YOU ARE \n\n\n* You understand secure engineering best practices, can articulate problem statements and propose solutions to both technically savvy and non-technical audiences\n\n* You are either a passionate security minded software engineer who has been part of building high quality applications and services, or you are an application security engineer who cares about secure software development\n\n* You have a growth mindset, push yourself towards excellence and focus on continuous functional improvements\n\n* You are a curious person who looks at problem statements and can clearly propose actionable solutions\n\n* You have a passion for cyber security demonstrated through participation/leadership in conferences, webinars, Capture the Flag (CTF), TryHackMe, Bug Bounty, Submission of CVEs and/or personal projects\n\n* Strong understanding of past, current, and emerging security exploits\n\n\n\n\nRequirements\n\n\n* 5+ years previous experience in DevOps, DevSecOps, Application/Product Security or Application Development with a strong focus on security tool onboarding and optimization\n\n* Knowledge of OWASP Top 10, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Threat Modeling tools\n\n* 2+ years experience working in software development\n\n* Experience with security testing tools and devops integrations\n\n* Experience with multiple languages such as Java, React, Node JS, PHP, Scala, C and/or Python\n\n* Understand how to detect and prioritize Front End, API's, Microservices and Container vulnerabilities\n\n* Familiar with common build/automation tooling: ex. Jenkins, GIT\n\n\n\nBENEFITS\n\nVisit this webpage to check out all of our exciting healthcare benefits: https://join.collectivehealth.com/box\n\nFor all other benefits, please check out: Box Benefits + Perks \nEQUAL OPPORTUNITY\n \nWe are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, and any other protected ground of discrimination under applicable human rights legislation. Box strives to respect the dignity and ‎‎independence of people with disabilities and is committed to giving them the same ‎‎opportunity to succeed as all other employees. Accommodations are available ‎throughout ‎the application process and an employee’s employment at Box.\n\nHEALTH AND SAFETY\n \nTo promote the health and safety of all Boxers and our communities, in order to "Go to Work" at Box in the U.S., you must be Fully Vaccinated or have an approved accommodation. "Go(ing) to Work" at Box is defined as visiting a Box office, facility, or co-working site, visiting or meeting in person with fellow Boxers, Box clients and/or customers, vendors, or partners, engaging in business travel, and or participating in any Box-sponsored and/or related activity where others are present.  If you are fully remote and do not "Go to Work,” the vaccination requirement is not applicable.  "Fully Vaccinated" means that an individual is at least two weeks past their final dose of an authorized COVID-19 vaccine regimen.  If you are unable to get a vaccine due to a medical condition, a sincerely-held religious belief or another legally recognized reason, Box will consider requests for an accommodation.\n  \nFor details on how we protect your information when you apply, please see our Personnel Privacy Notice.\n \n#LI-Remote \n#LI-CW1 \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Testing, DevOps, C, Cloud, Node, Senior and Engineer jobs that are similar:\n\n $65,000 — $120,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nRedwood City, California, United States