Senior Application Security Engineer

Pagoda

Posted: 10 months ago

Company Website
https://remoteOK.com/r...
Position type
full time
Job source
Remote ok
Category
programming
Remote
Yes
Salary
---
Job location
Remote - US
About

About Pagoda

Pagoda is shepherding a future where NEAR becomes the blockchain operating system. We believe that re-inventing how software is made and distributed is our greatest opportunity to open economic access to those who are not fully integrated into the global economy. Our products empower people to find opportunity, invent new experiences, and collaborate. Let's build an Open Web world. A world where people control their assets, data, and power of governance.

We encourage people of all backgrounds to apply. Pagoda is committed to creating an inclusive culture, and we celebrate diversity of all kinds.

About The Role:

Pagoda is shepherding a future where NEAR becomes the blockchain operating system. We believe that re-inventing how software is made and distributed is our greatest opportunity to open economic access to those who are not fully integrated into the global economy. Our products empower people to find opportunity, invent new experiences, and collaborate. Let's build an Open Web world. A world where people control their assets, data, and power of governance.

Pagoda’s growing security team is looking for an experienced Application Security Engineer/Architect to join our team and help protect our social media platform built on top of a blockchain. The ideal candidate will have a strong background in security technology and a deep understanding of the unique challenges of building and maintaining secure systems.

As a Senior Application Security Engineer, you will be hands-on and have a wide-ranging impact for the security at Pagoda. You will be working closely with Pagoda’s engineering development teams and product managers to ensure our products are secure.

You will be working with an agile team in a growing startup environment, heavy on SaaS platforms with decentralized as opposed to consolidated network infrastructure.

What You'll Be Doing:

  • Consult with developers to ensure the security of the platform and its components, and identify solutions or approaches to ensure that the software is being developed and deployed securely.
  • Implement security technology to protect Pagoda against cyber threats
  • Assess and manage cyber security risk for the platform and its users
  • Ensure the secure design and development of the platform's components, which can be forked and modified by users to extend the platform's capabilities and customization
  • Stay up-to-date with the latest security trends and best practices to continuously improve the platform's security
  • Experience or understanding of the operation of software such as smart contracts on virtual machines such as WASMER is a plus
  • Familiarity with SAST tools
  • Enabling a “shift security left" approach to the software development lifecycle.
  • Work closely with the Vulnerability Management team and the Director of Security Operations to ensure that identified vulnerabilities are addressed in a timely manner and that operational and development teams have the right process in place to do so.

What We're Looking For:

  • Bachelor’s or Master's degree in Computer Science, Information Security or a related field.
  • Strong background in security technology, including experience with blockchain security
  • Experience with application security and risk management, including full dev stack security and the security of deployed applications, cloud systems, and infrastructure as code
  • Proven experience building an Application Security program from the ground up
  • Strong knowledge of secure coding practices and development methodologies
  • Experience with security testing and vulnerability management
  • Strong communication and collaboration skills, able to work effectively with a cross-functional team
  • A deep understanding of the unique challenges of building and maintaining secure systems, including the ability to think creatively to solve problems and identify potential threats
  • Experience with Rust, JavaScript, and Node.js is a plus

We'd Love If You Have:

  • A passion for security and Web3
  • Experience in a start-up environment
  • CISSP, CISM, CISA or other relevant certifications are a plus

Here’s What Our Interview Process Looks Like:

Depending on calendar availability, from the first stage to the final stage, we do our best to keep the entire process to under three weeks. Our interviews take place via Zoom and typically consists of the following stages:

  • Internal Recruiter Call (30 to 45 minutes)
  • Meet with the Hiring Manager (30-60 minutes)
  • Technical Interviews & Presentation (3 x 60 minutes)
  • Pagoda Values Interview (30 to 45 minutes)

Please let us know if you require any special requirements for your interview and we’ll do our best to accommodate.

Ideal Location For This Role

This is a fully remote role, so that your timezone matches or overlaps with our leadership for this role, you’ll ideally be located in United States.

Benefits & Perks

  • Flexible Annual Leave / PTO with an encouraged 20 day per year minimum
  • Paid Holiday Week: the last week of the year
  • Paid Wellness Week: the first week of July
  • $2,000 Yearly Continued Education Reimbursement
  • $2,000 Home Office Setup Reimbursement
  • Co-working Space Reimbursement
  • Company Retreats (2022 was in Lisbon!) & Team Offsites
  • Mental Health Support and access to licensed therapists through Spill, 100% paid by Pagoda

**Temporary short term contractors do not receive the above benefits

Our Values At Pagoda

Innovate and deliver—so our customers can build. We deliver new solutions for real, often urgent, customer needs. Practical over hype. We uphold our standards of excellence while balancing velocity and pragmatism.

Focus precious time and energy on what matters. We are intentional about where we aim our resources. We channel our talents to focus on the critical missions in order to make an outsized impact.

Favor ownership, agency and action. Everyone is an owner. As individuals, we are responsible and accountable for our work. We empower builders to make decisions and innovate without the burden of unnecessary roadblocks or complexity.

Work as a team of empathetic humans. We practice mutual respect, open communication, humility and collaboration. We are kind and empathetic. We are welcoming towards diversity in all forms, including differences of perspective.

Never break trust. Integrity is rare—and valuable—in this space. Reputation is hard to build and easy to break.



Please mention the word EXCEEDED and tag RNTQuODAuNDcuMTkz when applying to show you read the job post completely (#RNTQuODAuNDcuMTkz). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.

Subscribe to our daily job alerts

Sign up for our newsletter to stay up to date with new jobs posted on Profilehunt

Please confirm your email address once you subscribe.