Application Security Engineer
About IOV Labs
IOV Labs is on a mission to provide the next generation of fintech innovators with the decentralized tools and technology to build a new global economy.
IOV Labs develops and supports the operation and growth of the Rootstock (a.k.a RSK) Blockchain, a Turing-complete Bitcoin sidechain, the world's most secure smart contract platform. People around the world use the dApps built on top of Rootstock for a range of essential financial services.
IOV Labs also developed the Rootstock Infrastructure Framework (RIF) to provide our partners with the tooling and technology they need to build Decentralized apps and new Decentralized Financial services on the Rootstock Blockchain.
About the Role.
We seek a Security Engineer to join our growing and global presence FinTech Company.
We’re looking for an open-minded, passionate, analytical, and hard-working person with an interest in cryptocurrencies and the blockchain ecosystem.
As part of our IOVLabs Security Team, you will help to research attack and defense techniques and develop innovative tools to help automate detection and response tasks. You will also work in close collaboration with internal development teams and members of the ecosystem to develop new capabilities to improve the security of the public p2p network, its users, and company's infrastructure.
What You'll Be Doing
- Actively participate during the product design phases, analyzing requirements and proposing secure, innovative, and alternative solutions.
- Perform source code audit and PR security reviews.
- Discover vulnerabilities, develop PoC, and help with the remediation.
- Research vulnerabilities and attack techniques.
- Interact with internal teams, and contribute to the secure design of new products and features.
What You Bring to the Table
- 5+ years of work experience as an Application Security Engineer or Security Researcher
- Proven experience in performing source code security audits, threat modeling, and architectural security reviews.
- Proficiency in identifying and remedying common security vulnerabilities in code.
- Knowledge of various attack vectors and methods of exploiting vulnerabilities.
- Familiarity with the software development life cycle and ability to integrate security into the process.
- Cryptography basics knowledge.
- Knowledge of Blockchain.
- Coding skills in Solidity, Javascript, and React.
- Experience conducting vulnerability research.
- Comprehensive knowledge of application security principles, including threat modeling and risk assessment.
- Good understanding of DevSecOPs principles and integrating them into CI/CD pipeline.
- Fluent English.
Bonus Points
- Having a proven track record of finding complex vulnerabilities in software.
- Participating in CTFs.
- Public presentation, research, root cause analysis, etc.
- Experience in offensive security.
What You’ll get Back
- Competitive salary and company bonus
- 100% remote working (External Employee) from anywhere in the world
- Global WeWork membership
- Flexible working hours - you’re free to work however you work best
- paid holidays and personal leave days
- Opportunity to work with state-of-the-art technology in a challenging and unique project
- Internationally diverse and dynamic team with a clear vision and strategy
- Training programs to learn everything about the crypto world
- Weekly scientific moments by our Research & Innovation team to learn about technology, challenges, and solutions in the blockchain world
- Language courses: English & Spanish
- Employee assistance program offering legal, financial, family, psychological, and wellness counseling for you and your family
IOV Labs Mission, Vision, & Purpose
- Our purpose is to ... build a more decentralised world, for a freer and fairer future.
- Our vision is… a safe and equitable global financial system that enables everyone to participate and prosper.
- We’re on a mission to… provide the next generation of fintech innovators with the decentralised tools and technology to build a new global economy.