Security Engineer (Application)
Our mission is to bring blockchain to a billion people. That's a lot of software to cover. As an application security engineer at Alchemy, you'll be hardening one of the most sophisticated and high-throughput distributed systems in the blockchain world. You'll focus on designing, building, and deploying application security tools to protect our platform.
- Perform dynamic application security testing (DAST) on Alchemy products
- Perform static analysis (SAST) of the Alchemy code base
- Discover, prioritize, and remediate technical risks on features, products, infrastructure, and acquisitions
- Perform threat modeling on existing and upcoming features and releases
- Develop and own best practices for application security, development, and deployment
- Identify and assess vulnerabilities stemming from third party dependencies.
- Identify opportunities to improve existing practices and uphold Alchemy's high technical quality bar
- Debug production issues across services and multiple levels of the stack
- Collaborate with other engineers, PMs, and designers
What We're Looking For:
- 5+ years of relevant industry experience in security or operations
- Deep understanding of web security, TLS/SSL, web authentication, and applied cryptography
- Experience with industry standard threat models and security tooling
- Experience with AWS technologies is a plus
- Experience with production distributed systems, web applications, and microservice architecture
- Proven track record securing highly available and highly scalable systems
- Self-starter attitude and the ability to execute new ideas with autonomy
- Experience working with startups
- Experience working in Web3
- A hustler mentality, founding a company or building side projects is a plus!