portal resources jobs companies c crypto.com offensive security engineer

Offensive Security Engineer 🔥


Crypto.com was founded in 2016, Crypto.com today serves over 10 million customers with the world’s fastest growing crypto app, along with the Crypto.com Visa Card — the world’s largest crypto card program — the Crypto.com Exchange and Crypto.com DeFi Wallet. Recently launched, Crypto.com NFT is the premier platform for collecting and trading NFTs, carefully curated from the worlds of art, design, entertainment and sports.

Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have ISO/IEC 27701:2019, ISO27001:2013 and PCI:DSS 3.2.1, Level 1 compliance, and independently assessed at Tier 4, the highest level for both NIST Cybersecurity and Privacy Frameworks.

With over 4000 people in offices across the Americas, Europe and Asia, Crypto.com is accelerating the world’s transition to cryptocurrency. Find out more: https://crypto.com [1]

For more information, please visit www.crypto.com.

[2]


What you will do:

  • As an individual contributor in our Offensive team, your responsibilities will include the followings:
  • Create, develop, and implement tactics, techniques, and procedures (TTPs) to be used in our regular assessment with the blue team.
  • Develop novel attack vectors based on newly discovered vulnerabilities in our software stack
  • Develop in-house security automation solution that makes our security checking faster and easier
  • Apply industry standards and best practices including the OWASP and the MITRE ATT&CK Framework
  • Assess security measures applicable to our employees, virtual and physical asset
  • Work with compliance team to provide technical assessment and remediation advice according the different local laws
  • Work closely with the development teams to provide expert guidance and advice on remediation of identified vulnerabilities

Requirements

  • Understanding of pentest and red teaming methodologies and concepts
    • Basic understanding of compliance procedures
    • Knowledge of how these technologies work and ways to attack them:
    • Windows, Linux, macOS
    • Web and mobile application security and vulnerabilities
    • Binary analysis and reverse engineering
    • Software and hardware supply chains
    • Basic networking knowledge, CDN, WAF, and web content filtering
    • Azure, GCP, AWS
  • Experience in writing the following languages: Python, golang, bash
  • Experience in reviewing the following languages from a security perspective: Python, goland, Java, Swift, Ruby, Elixir

Good to have

    • Provable experience of your pentest and red teaming skills (e.g. bug bounty reports, CTF result, blog, technical security certificates)

Benefits

  • Working in a well-organized team and be able to learn how to protect an Enterprise and ship secure applications at a fast pace
  • New challenges every day, but still be able to enjoy work-life balance
  • Have exposure to many cutting edge technologies in the industry
  • Flexible working environment with adjustable work from home arrangements

  1. https://crypto.com
  2. https://crypto.com

Let us send you new openings similar to Offensive Security Engineer straight to your Inbox. Weekly or Daily. 7-day free trial 💌

The ability to work remotely increases employee happiness by 20 percent.