Make a game-changing next move.

Learn more about the opportunities in Coatue's portfolio.
192
companies
6,227
Jobs

Application Security Architect

Fireblocks

Fireblocks

IT
Tel Aviv-Yafo, Israel
Posted on Wednesday, October 25, 2023

Founded in 2018 and already valued at over $8 billion, Fireblocks is a SaaS platform that helps companies to create innovative products on the blockchain and manage day-to-day crypto operations. Fireblocks is trusted by some of the largest financial institutions, banks, globally-recognized brands, and Web3 companies in the world, including BNY Mellon, BNP Paribas, ANZ Bank, Revolut, and thousands more, to securely scale digital asset operations through the Fireblocks Network and MPC-based wallet infrastructure. We have offices in New York, London, Tel Aviv, and Singapore, and we are continuing to expand our teams to reach new customers globally.

We are looking for an expert security engineer that wants to take their existing penetration testing, research, and infrastructure engineering skills to the next level. Join Fireblocks leading security team and work within a dynamic and fast-moving cloud environment. The work will focus primarily on full-stack security assessments and will include conducting deep-dive penetration tests, security research, and code review across multiple clouds, first-party and public cloud environments, all to provide a cross-company risk reduction and have a real impact on Fireblocks security posture.

In this position, you’ll be thinking like a malicious hacker, understanding and anticipating the moves and tactics that a hacker might use to try and gain unauthorized access to Fireblock’s computer system. You should be experienced in information security and understand security protocols, authentication, and security engineering.

Responsibilities:

  • As an Offensive Security Expert, you will conduct ongoing research into the latest tactics, techniques, and procedures and discover dangerous flaws and major security vulnerabilities before hackers of more malicious intent find them.
  • Perform grey and white box penetration testing;
  • Leverage code review skills to identify complex vulnerabilities within code.
  • Collaborate with other security teams to provide insights & security knowledge share. Provide security guidance and recommendations to engineering and operational teams
  • Apply state of the art methodologies, tooling, and skills to demonstrate real vulnerabilities and help technical teams improve their security posture and technical controls to mitigate the issues.
  • Preferably able to bridge offensive security disciplines: data & application to cloud and infrastructure security, application testing to Red Teaming, social engineering to crunching and writing tools & scripts.

Experience & Qualification:

  • 3+ years of experience with information security (security researcher, security engineer, security architect).
  • 3+ years of experience with offensive security subjects such as, mobile security, (web) application security, and infrastructure security.
  • Experience with static and dynamic code analysis
  • Strong IaaS security skills, with a focus on AWS, Azure, GCP
  • Experience with Kubernetes
  • Experience with infrastructure-as-code
  • Solid programming skills, any of C, C++, Java, C#, Python, Ruby, x86 or ARM assembly;
  • Advantage : Reverse engineering; Red teaming; Malware analysis; exploit development;
  • Risk assessment and threat modeling to identify risks associated with business processes, operations, technology projects and information security programs
  • Security considerations of cloud computing, including data breaches, hacking, account hijacking, malicious insiders, third parties, authentication, APTs, data loss, Identity and access and OWASP attacks
  • Strong hands-on technical abilities
  • Proficiency in Mac\Linux systems engineering/operations

Fireblocks' mission is to enable every business to easily and securely access digital assets and cryptocurrencies. In order to do that, we strongly believe our workforce should be as diverse as our clients, and this is why we embrace diversity and inclusion in all its forms.

Please see our candidate privacy policy here.