Swirlds Labs is hiring a Remote Product Security Engineer
\n\nAbout Hashgraph:\n\nHashgraph is a fast-growing software company committed to supporting, developing and servicing Hedera, an open source, proof-of-stake platform. Hedera is EVM-compatible and has been specifically built to meet the needs of enterprise and Web3 applications, which require speed, security, stability and sustainability. Hederaโs public network is governed by industry-leading organizations, spanning 11 sectors and 14 regions who oversee the development and direction of the decentralized platform.\n\nYou may find yourself doing all of the following:\n\n\n* Conducting thorough security reviews of the company's products throughout the development lifecycle, including the design, implementation, and release phases\n\n* Collaborating with cross-functional teams to identify security vulnerabilities and recommend mitigation strategies\n\n* Developing and maintaining security testing methodologies and procedures\n\n* Implementing and managing automated security testing tools and processes\n\n* Providing guidance and support to development teams on secure coding practices and security best practices\n\n* Staying current with industry trends and emerging threats to inform and enhance product security measures\n\n* Assisting in incident response activities related to product security incidents\n\n* Participating in security awareness training programs for internal stakeholders\n\n\n\n\nQualification Requirements:\n\n\n* Minimum 6 years of experience in application or product security, including 2-3 years of experience in software development or related field\n\n* Familiarity with common security vulnerabilities and attack vectors\n\n* Hands-on experience with security testing tools such as static analysis, dynamic analysis, and fuzzing tools\n\n* Strong understanding of secure coding practices and principles (mainly Java and Solidity)\n\n\n\n\nOther skills that are great to bring with you but that we can help you develop:\n\n\n* Relevant certifications (e.g., OSCP, OSEP, OSWA, OSWE)\n\n* Experience in Bug bounty, Security Research, CVE publications, Red teaming, and attack surface management\n\n* Experience with cloud environments (e.g., GCP, AWS)\n\n* Understanding of common programming languages and scripting languages, such as Python, PowerShell, or Bash\n\n* Experience with containerization and orchestration technologies, such as Docker and Kubernetes, and their associated security best practices\n\n* Knowledge about web3 / Blockchain / Crypto\n\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to Web3, Docker, Java, Cloud and Engineer jobs that are similar:\n\n
$60,000 — $100,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nRemote within EU or APAC
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.