About the Role
We are seeking an Application Security Engineer to join our team remotely. As an Application Security Engineer, you will play a crucial role in safeguarding our financial and blockchain ecosystem. Your primary responsibility will be to ensure that the code we ship and run is secure by design. This position offers a unique opportunity to work at the intersection of traditional Fintech and emerging Web3 technologies.
What You'll Do
- Perform deep-dive security reviews of web applications, APIs, and cloud infrastructure.
- Develop security-focused tools and libraries in Go, Java, or Ruby to assist developers in writing secure code.
- Support our blockchain initiatives by identifying risks in L1/L2 integrations and smart contract interactions.
- Manage and tune Web Application Firewalls (WAF) and cloud-native security controls.
- Contribute to the security culture through developer training and participating in incident response when necessary.
- Build and maintain the tooling that integrates security into our development lifecycle, moving from manual reviews to automated, scalable guardrails.
- Partner with engineering teams during the design phase of new features (Threat Modeling) to identify risks before a single line of code is written.
- Manage the end-to-end lifecycle of vulnerabilities, from discovery via internal audits or Bug Bounties to collaborating with engineers on "gold-standard" remediations.
Requirements
- Proven ability to perform deep-dive manual security testing while also securing production-quality code.
- Expert-level knowledge of OWASP Top 10, CWE, and API security vulnerabilities (Go, Java, or Ruby preferred).
- Experience building and scaling security checks directly into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins).
- Working knowledge of AWS/GCP security configurations, particularly IAM, VPCs, and WAF management.
Nice to Have
- Experience with blockchain security practices.
- Familiarity with security frameworks and compliance standards.
- Knowledge of secure coding practices.
What We Offer
- Competitive salary ranging from $169,200 to $195,000 per year.
- Fully remote work environment, allowing you to work from anywhere.
- Opportunities for professional development and continuous learning.
- Comprehensive health benefits and wellness programs.
- Flexible working hours to promote work-life balance.
This Application Security Engineer role at Paxos offers a unique opportunity to work in a fully remote environment while ensuring the security of financial applications. With a competitive salary and the chance to work with cutting-edge technologies, this position is ideal for security professionals looking to make an impact.
Who Will Succeed Here
Proficient in programming languages such as Go and Java, with hands-on experience in building secure applications and understanding of OWASP top 10 vulnerabilities.
Self-motivated with a strong ability to manage time effectively while working remotely, demonstrating discipline and independence in meeting deadlines and collaborating with distributed teams.
Experienced in implementing CI/CD pipelines and cloud security practices on platforms like AWS and GCP, with a proactive mindset for identifying potential security flaws in APIs and application architecture.
Learning Resources
Career Path
Market Overview
Skills & Requirements
Domain Trends
Industry News
Loading latest industry news...
Finding relevant articles from the last 6 months