Description
Strike's mission is to build a more connected financial world.
Strike allows users to send and receive money anywhere, instantly, with no added fees. Strike is built on top of the Bitcoin network – the largest global, interoperable and open payments standard. Strike believes that open payment networks enable universal participation in the financial system, ushering in a new digital economy with truly borderless money transfers. Strike leverages Bitcoin’s open payment network to offer users the first global peer-to-peer payments app and a novel bitcoin-native payments experience.
Role:
Strike is looking to hire a senior level Product Security Engineer to help harden our products and infrastructure. You will be working directly with our engineering teams to ensure the secure design and implementation of Strike’s products, services, and infrastructure. You will be responsible for maintaining our product’s security by performing technical security assessments, threat modeling, security code reviews, and vulnerability testing.
As an early member of our security team, you will have a meaningful impact on our security priorities and direction. We are a young organization with very unique products. As such, we have an abundance of exciting security challenges and opportunities. You will have to wear many hats, and design solutions that scale.
Responsibilities:
- Identify, triage, and provide remediation guidance for product and infrastructure vulnerabilities
- Work with Strike engineering teams to design more security infrastructure and products
- Think like an attacker to identify weaknesses in application architecture
- Improve developer tooling and adoption to build a more robust SSDLC
- Assist incident response teams with application security expertise and tools
- Support and expand the product security engineering programs
Requirements:
- 3+ years working in product or application security roles
- Experience auditing code and completing code reviews in languages like C#, Javascript, Swift and scripting languages
- Experience with penetration testing with a focus on web application security
- Experience in cloud security architecture and infrastructure (preferably GCP)
- Identify and prioritize risks through threat modeling exercises with engineering teams
- Experience providing security knowledge and guidance to engineering team
- Demonstrated understanding of web application security
- Strong understanding of OWASP Top 10 vulnerabilities
Nice to have:
- Technical understanding of Bitcoin and lightning
- Experience with security bug bounties
- Published contributions to the security community
- Presentation experience at industry events
- Experience working with compliance, privacy, IT, networking or related functions
The ideal candidate application will contain a cover letter that provides a brief outline detailing a unique combination of skills, experience and how Strike would benefit from working with you.
Please mention the word **WOWS** and tag RMmEwMTo0Zjg6MWMxZTplNWNjOjox when applying to show you read the job post completely (#RMmEwMTo0Zjg6MWMxZTplNWNjOjox). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.