Senior Product Security Engineer

Your mission

We are looking for a Senior Product Security Engineer to enhance our security posture by integrating advanced security tools, implementing Zero-Trust principles, and proactively identifying and mitigating vulnerabilities. This role will play a critical part in ensuring compliance with industry security standards while fostering a culture of security best practices across development and operations.

In this role, you will:

• Integrate SCA, SAST, and DAST tools into CI/CD pipelines to ensure secure software development.
• Implement Zero-Trust security principles across infrastructure, ensuring robust access controls and identity management.
• Design and deploy secure and scalable secrets management solutions to protect sensitive data.
• Develop comprehensive threat models for all services, identifying and mitigating potential risks.
• Conduct frequent penetration testing of internal applications and services to identify vulnerabilities proactively.
• Establish unified vulnerability management pipelines, integrating and standardizing security data from multiple sources.
• Ensure compliance with industry security standards, including SOC 2, ISO 27001, and NIST frameworks.
• Collaborate with development and operations teams to advocate for security best practices and secure coding principles.
• Automate security-related tasks, leveraging scripting and security orchestration techniques.
• Research and implement emerging security technologies, particularly in blockchain and cryptographic security.

What you need to be successful:

• Experience in deploying and managing SAST, DAST, and SCA tooling within CI/CD environments.
• Strong knowledge of secure coding practices, threat modeling, and cryptography.
• Expertise in blockchain security and application security methodologies.
• Hands-on experience with AWS security best practices and cloud-native security solutions.
• Proven track record in vulnerability assessments, penetration testing, security monitoring, and incident response.
• Familiarity with key management solutions and Privileged Access Management (PAM) systems.
• Experience working with HSMs (Hardware Security Modules) or other secure computational technologies.
• Strong scripting and automation skills for security-related tasks (e.g., Python, Bash, PowerShell).
• Relevant security certifications such as OSCP, OSWE, AWS Security (preferred but not required).
• Excellent communication and collaboration skills, with the ability to work across teams and explain security concepts effectively.
• Prior experience working with cryptographic technologies or crypto-related projects is a plus.

What\’s in it for you:

• Accelerate your career growth by joining one of Europe\’s leading cryptocurrency management platforms
• 25 vacation days per year, with an additional day for each year of service – up to 30 days
• Access to cutting-edge technologies, high levels of autonomy, and international working environment
• Flexible working hours, hybrid work setup from both our Berlin and Porto offices
• Fitness (Urban Sports Club)
• Hot/cold drinks and snacks in the office, and All Hands meetings once a month with pizza