CareersBe part of changing the financial servicesindustry while working alongsidethe best and brightest. ResourcesView news coverage, videos, blog postsand white papers about Digital Assetand its technology. BlogStay up to date with the latestannouncements and blog postsfrom Digital Asset. ContactContact us for more informationabout the Digital Asset Platformand our services.
CLOSE
CLOSE
CLOSE CLOSE

Applications Security Engineer 

Position in Budapest, New York, Zürich.

About Digital Asset

Digital Asset is among the fastest growing, most recognized fin-tech startups globally and is the market leader in developing distributed ledger technology applied to the market infrastructure and financial services sector. Backed by leading financial institutions, infrastructure providers and financial software providers, the company is delivering enterprise-grade solutions for post-trade services.

Digital Asset applies a rigorous customer-driven approach to deliver on our vision for a better global financial system, enabled by distributed ledger technology.

  • Our culture is "all-in" and rewards collaboration, integrity and excellence.
  • We value each other, what we do for our clients and how we do it.
  • Our mission is delivering breakthrough distributed ledger solutions.

As we grow our team, we will maintain the dynamic, collaborative and pragmatic way of working that has grounded our efforts from the beginning. If you seek to develop solutions others are yet to contemplate and are driven by the opportunity to have impact, the following opportunity may be right for you.

Opportunity

Applications Security Engineers partner with the Product and Engineering teams to improve the security of our software and products. They ensure the security of the DA platform and applications from design to implementation and operations, in our environment and those of our clients. By implementing secure coding and application security best practices across the SDLC, they facilitate the delivery of a unique DLT platform with world-class robustness and security properties.

What We Are Using:

  • Java and Scala for backend development, Haskell for DSL tools and formal methods
  • Agile/Scrum and modern software engineering practices (SBE / TDD / CI / CD etc.)
  • Cloud services, containers for rapid deployment
  • SonarQube, Veracode and other tools for code analysis

Key Responsibilities

  • Partner with the Engineering and Product teams to define identity management, PKI and HSM implementations, implement secure coding practices, design customer-facing application security features and ensure that security is an integral part of the design and implementation of the product roadmap.
  • Work closely with the platform architecture team and software engineering teams throughout the entire SDLC to ensure that security concerns (including confidentiality, integrity and availability) are taken into account during design, development, testing, implementation, and deployment.
    • Identify emerging vulnerabilities, risks and threats during design iterations and provide appropriate mitigation strategies
    • Perform vulnerability assessments, source code reviews and open source management
    • Assist engineering teams in feature design and threat modeling
    • Drive source code security black-box testing, penetration testing, distributed system integrity and build system hardening
    • Maintain, validate, and communicate the products' threat model, security properties, and trust model
    • Help secure infrastructure and services by identifying and tracking outstanding risks
  • Educate software engineers on secure coding techniques and application security best practices.
  • Monitor developments within the application security industry to continually advance and mature our internal practices and processes.

Key Criteria

  • Ideally, 10+ years experience as a hands-on security engineer, working in a globally distributed development environment.
  • Experience working with product managers to define and drive the product security vision, as well as building and validating sound security foundations.
  • Proven history of delivering high-quality, increasingly complex, commercial software products to a global market.
  • Minimum of 5 years hands-on security and application design experience, with focus on security capabilities (confidentiality, integrity and availability) delivering mission-critical technology to the enterprise software market using Agile methodologies.
    • Strong command of distributed systems development.
    • Deep understanding of secure coding practices, penetration testing, OWASP Top 10.
    • Experience with recovery-oriented computing techniques to develop systems that detect and gracefully recover from system failure.
    • Advanced understanding of high-performance and high-availability coding techniques.
    • Experience developing software targeting Linux and Windows environments, including an adept ability to incorporate open source software as appropriate.
  • Strong understanding of embedding security into the development lifecycle and advocacy of security best practices across Engineering.
    • Familiarity with and interest in functional programming, formal specifications and verification; ideally with experience using Java, Scala, Python and Haskell.
    • Familiarity with and interest in functional programming, formal specifications and verification.
    • Continuous learning mindset and learning of new programming language paradigms
  • Servant leader who drives security processes and themes by example, through tools, and with automation.
  • Confident and "all in" mentality.
  • Strong commercial orientation with a deep passion for customer-driven design and development throughout the SDLC.
  • Collaborative approach that factors and embraces and insists upon diverse perspectives as a strategic imperative.
  • Open, strong communicator who communicates effectively across groups, locations and cultures, in-person and virtually, and can advocate for security best practices within the security engineering group.
  • Continuous growth mindset with strong disposition toward innovation and intrapreneurial ways of working.
  • Courage of convictions with a high degree of humility. Embraces constructive feedback and is resilient.
  • BS, MS or PhD in computer science, or related discipline.

Connect With Us

This is a rare opportunity to help define an industry and join a powerful team of financial services and technology innovators from cross sector startups and enterprise.

Digital Asset is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, sex, religion, sexual orientation, age, disability, citizenship status, veteran status or any other basis protected by applicable law. Applicants with disabilities who require accommodation should contact HR@digitalasset.com.

01. Apply

First Name
First Name
Last Name
Last Name
Email
Email
Phone
Phone
Linkedin
Linkedin
Your Cover Letter
About you
About you
0
0
Too Small!
Make your browser window bigger.
Increase your browser width since we are still
working on the mobile version.
For a nice experience
please update your browser.