ConsenSys is the leading Ethereum software company. We enable developers, enterprises, and people worldwide to build next-generation applications, launch modern financial infrastructure, and access the decentralized web. Our product suite, composed of Infura, Quorum, Codefi, MetaMask, and Diligence, serves millions of users, supports billions of blockchain-based queries for our clients, and has handled billions of dollars in digital assets. Ethereum is the largest programmable blockchain in the world, leading in business adoption, developer community, and DeFi activity. On this trusted, open source foundation, we are building the digital economy of tomorrow. To explore our products and solutions, visit http://consensys.net/.
The ConsenSys Security Team is looking for a Product Security Engineer to support our product teams in keeping ConsenSys and our customers’ data safe. You will focus on building the security controls that protect our public Cloud environment and creating tooling that enables our engineers to safely deliver customer services in the Cloud.
In this role you will:
- Support our engineering teams in developing secure cloud infrastructure and software applications
- Perform security vulnerability assessments
- Perform and lead architectural threat modeling sessions
- Provide vulnerability resolution support Identify and implement tools, processes, and workflows to find vulnerabilities earlier in the product life cycle
- Build relationships within and across organizational boundaries
- Build a culture of security and DevSecOps across our software engineering organization
Our ideal candidate will have:
- A background in security engineering
- Experience with at least one programing or scripting language
- Strong written and verbal communication skills
- Experience with SAST / DAST tools
- Experience in threat modeling
- Experience with Container Security Tools
Bonus points for:
- Experience with software quality testing, unit testing, and regression testing
- Experience with CodeQL and LGTM
- Knowledge of AWS and / or Azure services and security controls
- A passion for infrastructure as code and experience with tools such as Terraform and CloudFormation
- Experience with private cloud multi-tenancy
- Ability to write readable, maintainable code, and manage source code with git
- Experience working in fast pace Dev(Sec)Ops Environment
- Experience working in a global, distributed environment with a remote workforce
- Experience working in a business focused SAAS environment
