WazirX - Lead - Security Engineer

Lead Security Engineer

- Do the words - cryptocurrency- and - blockchain- excite you? Do you want to be a part of India's largest cryptocurrency exchange and shape the future of a decentralized financial world? If yes, read on.

- Founded in 2018, WazirX has over 1 million users, and that number is growing rapidly. WazirX is on a mission to make crypto accessible to everyone in India. It was recently acquired by the world's biggest cryptocurrency exchange, Binance.

- Join us for an opportunity to do the best work of your life!

About the Role:

- You will own the complete security layer and be a single point of contact for Security deliverables across the organization.

- Perform network penetration testing, system vulnerability assessment & security configuration review

- Evaluate, integrate and onboard security tools such as SAST, RASP, open-source scanning into the DevSecOps life cycle.

- Work with product development teams to encourage security as a design paradigm and establish good practices.

- Integrate automated Application Security scanning into the build CI/CD pipeline.

- Own the technical architecture discussions with engineering & product teams and develop risk mitigation plans, when needed.

- Handle regulatory audits and provide reports to the authorities for audit and compliance

- Responsible to plan future security posture to address the developing cybersecurity threat landscape.

- Maintain comprehensive documentation related to the product security processes and controls.

About You:

- Minimum of 8+ years of hands-on experience and proficiency in at least one of the following languages: Java, Python, NodeJS.

- Strong background in multiple security disciplines and technologies, including network and endpoint security, identity and access management, end-user security services, SIEM, and security automation/orchestration, including deployment in public cloud (AWS) environments.

- Experience with web technologies such as HTML, JavaScript, AngularJS, ReactJS, CSS.

- Experience with backend technologies such as Ruby on Rails, Golang etc would be an added advantage

- Understanding of cloud architectures & data security on cloud. Familiarity with security and compliance best practices

- Ability to work with minimal levels of supervision or oversight

- Experience with Application Security tools including SAST, DAST, and OSS vulnerability scanning.

- Experience working with product development teams to identify and implement security improvements.

- Knowledge and experience performing security assessments of web and mobile applications.

- Knowledge of OWASP top-10 and a deep understanding of web application and mobile app vulnerabilities.