Finde einen Job 
Finde eine Ausbildung 
Top Arbeitgeber 
Top Universitäten 
Für Unternehmen Auf einen Blick
- Aufgaben: Ensure security of systems and applications while collaborating with development teams.
- Arbeitgeber: Join Finoa, a leading cryptocurrency management platform focused on security.
- Mitarbeitervorteile: Enjoy 25 vacation days, flexible hours, and fitness memberships.
- Warum dieser Job: Tackle unique security challenges in a fast-paced environment with impactful work.
- Gewünschte Qualifikationen: Experience with SAST, DAST, secure coding, and vulnerability assessments required.
- Andere Informationen: Hybrid work setup available from Berlin and Porto offices.
Das voraussichtliche Gehalt liegt zwischen 54000 - 84000 € pro Jahr.
Your mission
We are looking for a Product Security Engineer to ensure the confidentiality, integrity, and availability of our systems and applications. You will work closely with development teams to identify and mitigate security vulnerabilities throughout the software development lifecycle. This includes performing security assessments, implementing secure coding practices, and driving the adoption of best-in-class security technologies. Your work will span traditional applications as well as Web3 technologies.
We can offer you an exciting and fast-paced environment with some very unique security challenges. Security is Finoa\’s business, and you will have an important and impactful voice within the organization.
In this role, you will:
- You will work closely with Product and Infrastructure teams across the organization to integrate secure practices into all stages of the software development lifecycle, from product inception to operations.
- You will conduct code reviews and penetration tests for Finoa applications, as well as manage the delivery of external assessments.
- Conduct threat modelling to identify potential risks as early as possible in the development lifecycle.
- Conduct security assessments and provide security recommendations for new libraries, integrations, and vendors.
- You are open to working on adjacent security functions as needed, such as infrastructure security and threat detection, and have an always learning mindset.
- Deploy and manage secrets management solutions to enhance security controls.
- Deploy and manage SAST, DAST, and SCA tools to automate security testing. Tune and tailor this tooling for Finoa\’s stack.
- Perform threat modeling, vulnerability assessments, and cryptographic security reviews.
- Provide security guidance to development teams on secure coding practice and secure software architecture.
- Ensure compliance with industry security standards and best practices.
- Collaborate with cross-functional teams to improve security posture across the organization.
What you need to be successful:
- Experience deploying and managing SAST, DAST, and SCA tooling.
- Strong understanding of secure coding, threat modeling, cryptography, and blockchain security.
- Hands-on experience with vulnerability assessments, penetration testing, security monitoring, and incident response.
- Knowledge of security best practices in AWS.
- Familiarity with key management solutions and PAM systems.
- Certifications such as OSCP, OSWE, or AWS Security are a plus.
- Excellent communication and collaboration skills to work with development and security teams.
- Experience with scripting and automation of security related tasks.
- Experience working with HSMs or other secure computational technologies is a big plus.
- Previous experience working with crypto or crypto related technologies is also a plus.
What\’s in it for you:
- Accelerate your career growth by joining one of Europe\’s leading cryptocurrency management platforms.
- 25 vacation days per year, with an additional day for each year of service – up to 30 days.
- Access to cutting-edge technologies, high levels of autonomy, and international working environment.
- Flexible working hours, hybrid work setup from both our Berlin and Porto offices.
- Fitness (Urban Sports Club) and mental health (Likeminded) memberships.
- Hot/cold drinks and snacks in the office, and All Hands meetings once a month with pizza.
#J-18808-Ljbffr
Senior Product Security Engineer Arbeitgeber: Finoa
Kontaktperson:
Finoa HR Team
StudySmarter Bewerbungstipps 🤫
So bekommst du den Job: Senior Product Security Engineer
✨Tip Number 1
Familiarize yourself with the specific security tools mentioned in the job description, like SAST, DAST, and SCA. Having hands-on experience with these tools will not only boost your confidence but also demonstrate your readiness to tackle the challenges at Finoa.
✨Tip Number 2
Engage with the crypto community and stay updated on the latest trends in blockchain security. This knowledge will be invaluable during interviews and will show that you are passionate about the field and ready to contribute to Finoa's mission.
✨Tip Number 3
Prepare to discuss your previous experiences with vulnerability assessments and penetration testing. Be ready to share specific examples of how you've identified and mitigated security risks in past projects, as this will highlight your practical skills.
✨Tip Number 4
Showcase your collaboration skills by thinking of ways you've successfully worked with cross-functional teams in the past. Finoa values communication and teamwork, so having concrete examples will help you stand out as a candidate.
Diese Fähigkeiten machen dich zur top Bewerber*in für die Stelle: Senior Product Security Engineer
Tipps für deine Bewerbung 🫡
Understand the Role: Make sure to thoroughly read the job description for the Senior Product Security Engineer position. Highlight the key responsibilities and required skills, such as secure coding practices and experience with SAST, DAST, and SCA tooling.
Tailor Your CV: Customize your CV to reflect your relevant experience in security assessments, penetration testing, and threat modeling. Use specific examples that demonstrate your hands-on experience with cryptography and blockchain security.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for security and your understanding of the unique challenges in the cryptocurrency space. Mention how your skills align with Finoa's mission and how you can contribute to their security posture.
Highlight Certifications: If you have any relevant certifications like OSCP, OSWE, or AWS Security, make sure to prominently feature them in your application. This will help demonstrate your commitment to professional development in the field of security.
Wie du dich auf ein Vorstellungsgespräch bei Finoa vorbereitest
✨Showcase Your Technical Skills
Be prepared to discuss your hands-on experience with SAST, DAST, and SCA tools. Highlight specific projects where you implemented these technologies and the impact they had on security posture.
✨Demonstrate Your Understanding of Secure Coding Practices
Discuss your knowledge of secure coding, threat modeling, and cryptography. Provide examples of how you've integrated these practices into the software development lifecycle in previous roles.
✨Communicate Effectively
Since collaboration is key in this role, practice articulating complex security concepts in a way that is understandable to non-technical team members. This will showcase your communication skills and ability to work cross-functionally.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving abilities in real-world scenarios. Think about past experiences where you identified vulnerabilities or responded to incidents, and be ready to explain your thought process and actions taken.
