Hexens

Senior Information Security Engineer, Application Security

Hexens

full-time

Posted on:

Origin:  • 🇬🇧 United Kingdom

Visit company website
AI Apply
Apply

Job Level

Senior

Tech Stack

AndroidCloudGoiOSJavaJavaScriptPythonRustTypeScriptWeb3

About the role

  • Alongside our off-chain security lead, plan and deliver advanced application security assessments against API services, application front-ends, wallet software, browser plugins, mobile apps, and SDKs.
  • Collaborate with leading smart contract auditors and cryptography researchers, leveraging your application security expertise to assess attack surfaces outside their on-chain specializations.
  • Work to identify technical vulnerabilities, architectural flaws, and ways to mitigate future risk in the crucial junctions between off-chain and on-chain systems.
  • Interact with developers and key stakeholders when identifying and handling security issues.
  • Deliver clear and concise reporting on issues and attack paths identified.

Requirements

  • At least 5 years experience, or equivalent technical expertise, delivering offensive security services, with a primary focus on application security.
  • Expert-level web application and API security experience, with proficiency assessing apps with modern web frameworks, and identifying advanced client-side, back-end, and business logic attacks.
  • Experience assessing mobile applications (Android/iOS), browser extensions, and desktop applications.
  • Practical experience finding complex vulnerabilities and attack paths in Golang, Rust, TS/JS, Python, Java, or C-based codebases during white/grey-box appsec assessments.
  • Working knowledge of cloud, CI/CD, container, CDN, and network security concepts, and how they apply to application security.
  • Knowledge or willingness to learn web3 security concepts and how they apply to web3-centric applications.
  • Decent scripting and automation skills.
  • Assisting with scoping requirements for application security work.
  • Strong client-facing and soft skills.
  • Big plus if any of the following apply: Significant web2 bug bounty/vulnerability disclosure history; Prior experience as a smart contract auditor or onchain-focused security researcher; Prior experience developing or integrating DeFi protocols, smart contracts, wallet services, or other web3 services; Advanced relevant security certifications (OSWE, Burp Suite Certified Professional, etc.)
Brillio

React Native Mobile App Developer

Brillio
Mid · Seniorfull-time$70–$75Missouri · 🇺🇸 United States
Posted: 24 days agoSource: jobs.lever.co
AndroidApolloAWSAzureCloudFirebaseFlutterGradleGraphQLiOSJavaJavaScript+9 more
Trust Wallet

Senior React Native Engineer

Trust Wallet
Seniorfull-time🌎 Anywhere in the World
Posted: 43 days agoSource: jobs.ashbyhq.com
AndroidiOSJavaScriptReactReact NativeTypeScriptWeb3
Xcorp

Senior Software Engineer

Xcorp
Seniorfull-time🇳🇵 Nepal
Posted: 16 days agoSource: xcorp.breezy.hr
AWSGoJavaScriptLinuxNode.jsNoSQLPythonRDBMSReactReduxSDLCShell Scripting+3 more
Versana

Security Engineer

Versana
Juniorfull-time$100k–$120k / yearNew York · 🇺🇸 United States
Posted: 6 days agoSource: jobs.lever.co
AWSAzureCloudFirewallsGoJavaJavaScriptPythonSDLCTerraformTypeScript
Twilio

Senior Software Engineer, Identity & Security Products

Twilio
Seniorfull-timeCalifornia, Colorado · 🇺🇸 United States
Posted: 2 days agoSource: boards.greenhouse.io
AWSCloudDistributed SystemsGoJavaJavaScriptPythonReactTypeScript