Application Security Engineer Job in Coindcx

Job Descriptions:

Make a difference by,

Develop security training and guidance to internal development teams
Provide subject matter expertise on architecture, authentication, and system security
Create and maintain artifacts in a protected repository established as a single source of truth
Assess security tools and integrate tools as needed, particularly open-source tools
Assist with recruiting activities and administrative work
Technical Skills
Familiar with common security libraries, security controls, and common
security flaws that apply to Ruby on Rails applications, NodeJS.
Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond).
Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP.
Knowledge of browser-based security controls such as CSP, HSTS, XFO.
Experience with standard web application security tools such as Arachni, Brakeman, and BurpSuite.
Participate in the development of CoinDCX with the dev team.
Code quality
Proactively identify and reduce security risks.
Find and remove outdated and vulnerable code and code libraries.
Communication
Consult with other Developers and Product Managers to analyze and propose application security standards, methods, and architectures.
Handle communications with independent vulnerability researchers and design appropriate mitigation strategies for reported vulnerabilities.
Educate other developers on secure coding best practices.
Ability to professionally handle communications with outside researchers, users, and customers.
Ability to communicate clearly on technical issues.
Performance & Scalability
An understanding of how to write code that is not only secure but scales to a large number of users and systems.