Senior Application Security Engineer, Moncton
Senior Application Security Engineer, Moncton
-
Moncton, Canada -
Dernière édition le: il y a moins d’une semaine
-
Ajouter -
Partager
Description
Figment
powers the future of Web3 through industry-leading blockchain infrastructure. As the leading provider of staking solutions,
we help 500+ institutional clients optimize their crypto rewards , including top exchanges, asset managers, wallets, foundations, custodians, and major token holders. Our clients trust Figment for a comprehensive suite of services, including
reward optimization ,
cutting-edge API development , detailed
rewards reporting , seamless
partner integrations ,
governance support , and
slashing protection .
Backed by a team of passionate and intelligent Figmates, with a
100% remote-first
global presence across
12 countries , our company is on a mission to accelerate the adoption, growth, and long-term success of the Web3 ecosystem. We’re building the infrastructure that will power the decentralized future.
As a fast-growing tech company, we’re looking for
builders
and
innovators
— people who thrive in the face of uncertainty and are motivated to make an impact. We are also looking for true teammates - people who are genuine, humble, and driven to level up together. If you're excited to shape the future, contribute to an
energetic company culture , and work at the cutting edge of blockchain technology, we want you to join our team and help us lead the charge!
About the opportunity As a senior member of the Figment Security Red Team, your responsibility will be to design and execute campaign-based security testing for Figment. This will involve targeting multiple types of assets. Successful applicants should have the ability to evaluate environments, applications, systems, or processes to identify vulnerabilities. Furthermore, they should be able to translate these findings into practical attack strategies for real-world scenarios.
To effectively support Figment's security initiatives, you will need to utilize your knowledge of modern web applications, cloud platforms, CI/CD pipelines, networking and protocols, databases, middleware applications, and scripting. You will also need to effectively communicate highly technical information to internal customers. Additionally, you will be responsible for providing remediation recommendations and validating security remediation findings.
How you will make an impact
Discover and exploit novel vulnerabilities in Figment applications.
Perform a full range of red team activities focusing on application security, API exploitation, and software deployment pipelines.
Document processes, procedures, and workflows for red team operations.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Collaborate with seniors in the security team and the product team to enhance the company's security posture.
Effectively communicate findings and strategies to stakeholders, including technical staff, executive leadership, and legal counsel.
Provide practical and risk-appropriate recommendations to address vulnerabilities.
Configure and safely use offensive security tools, tactics, and procedures in Figment environments.
Enhance Figment's red teaming processes by developing and improving scripts, infrastructure, tools, and methodologies.
Offer recommendations and guidance to enhance the defensive capabilities of the team and its ability to defend the Figment Enterprise.
Provide mentoring and training to blue team members and actively participate in cross-team security exercises.
Provide technical expertise and support during incident response and assist in creating post-incident action plans.
What you bring to the team
Bachelor's degree or five or more years of work experience
Experience with web application and API exploitation or security assessments
Experience with CI/CD workflows and pipelines
Experience in scripting and automation of simple tasks using Bash, Python, or similar
Experience with container orchestration management tools such as Docker and Kubernetes.
Experience with source code review for control flow and security flaws.
Experience with red, blue, or purple teaming exercises.
Strong knowledge of offensive security and pentesting tooling such as Kali Linux, Burp Suite, and other open source tools.
Strong technical writing.
Even better if you have:
Industry certifications such as OSCP/OSCE, OSEP, OSWE, GPEN, GCPN, GWAPT, or GXPN.
Solid understanding and experience working with Github and Github deployment pipelines
Solid understanding of public cloud environments including AWS, Azure and Google.
Solid understanding of OWASP Top 10 and how to effectively exploit them.
Thorough understanding of network protocols, data on the wire, and covert channels.
Understanding of security risks for blockchain and crypto.
Technologies we use Teams you’ll collaborate with most often In addition to collaborating with other Security team members, this role will collaborate most often with our Product Engineering teams.
Why you might be excited about us At Figment, we offer an exciting range of
competitive benefits
designed to support and empower every member of our team:
100% remote-first environment.
Our flagship office is in Toronto, Canada. We also have additional co-working spaces in New York, London, and Singapore. That means if you want to do your things in the office (if you’re near one), at home, or a bit of both, it’s up to you.
4 weeks of
PTO
that kick in day one, with an additional 1 week of flex days.
Extended
company-paid health benefits
that kick in day one.
Best in class
parental leave
and flexible arrangements.
A
home office stipend
to create a space that you enjoy working in.
A yearly
Learning&Development budget.
401K
(US) or
RRSP
match
(Canada).
Stock Options
in the company.
A competitive
bonus
(based on company performance) that is distributed bi-annually - we believe that the company’s success should be shared with our employees often For roles listed within the Sales Department, there is instead a competitive commissions structure which will be outlined during your first interview with Figment
Annual
onsite company gatherings
and retreats to inspire team bonding, collaboration, and fun!
Other reasons you may love working at Figment
We are a
team
of under 200 members , which allows for an impactful contribution from day one.
We place a strong focus on
personal career development
to shape a role that fits your goals and interests. Your satisfaction and well-being matter to us, and we’re here to support your ongoing growth.
Our
culture
is one of honesty, professionalism and risk taking in a high-growth environment.
Our team members themselves recommend working at Figment - with an
eNPS
score of 54 (which is ranked as‘great’!).
One of Figment’s core principles is “Making the Invisible Visible” - ensuring transparency and information sharing in all communication. Figment is committed to transparency regarding pay, benefits, and other compensation types for all internal roles as well as all roles being hired for.
Base Salary: The CAD base salary range for this position is CAD $140,000 - $160,000.
This range reflects base salary only, and does not include additional compensation or benefits. For candidates in other countries, the pay range will be disclosed upon your first interview with Figment (being a globally remote company, the list of salary ranges would simply be too long to note here!). The range displayed reflects the minimum and maximum range for a new hire across all Canada or the US. A candidate’s specific pay within the range will be determined by various factors including job-related skills, relevant education, and training.
At Figment, we try to go above and beyond in making sure that you have the best possible experience interviewing with us. We strive for a smooth, organized, and informative process.
During your first Recruiter Call, you will be provided with more information about Figment, the position and what to expect for the rest of the interview process. Please be prepared to discuss why you are interested in joining Figment and what excites you about the position and company.
As we go through the process, we work to make sure that you hear back from us in a timely fashion. If we decide at any point that we’re unfortunately not moving forward, we will give you feedback on why it was not a fit.
We aim for the entire process to take around 2-4 weeks from initial screen to offer. There can be exceptions on either side of the bell curve here, but as a rule, that’s the time‑frame you can expect.
At Figment, we have a thorough hiring process to verify the identity of all job candidates. This includes checking documents, conducting in-person interviews and completing background checks. Candidates must pass all these steps to be considered for a job with Figment. Anyone who provides false information or tries to skip these steps will be disqualified from the hiring process immediately.
To learn more about Figment, our team, and the amazing work we are doing, visitour website . Are you ready to join us?
#J-18808-Ljbffr
powers the future of Web3 through industry-leading blockchain infrastructure. As the leading provider of staking solutions,
we help 500+ institutional clients optimize their crypto rewards , including top exchanges, asset managers, wallets, foundations, custodians, and major token holders. Our clients trust Figment for a comprehensive suite of services, including
reward optimization ,
cutting-edge API development , detailed
rewards reporting , seamless
partner integrations ,
governance support , and
slashing protection .
Backed by a team of passionate and intelligent Figmates, with a
100% remote-first
global presence across
12 countries , our company is on a mission to accelerate the adoption, growth, and long-term success of the Web3 ecosystem. We’re building the infrastructure that will power the decentralized future.
As a fast-growing tech company, we’re looking for
builders
and
innovators
— people who thrive in the face of uncertainty and are motivated to make an impact. We are also looking for true teammates - people who are genuine, humble, and driven to level up together. If you're excited to shape the future, contribute to an
energetic company culture , and work at the cutting edge of blockchain technology, we want you to join our team and help us lead the charge!
About the opportunity As a senior member of the Figment Security Red Team, your responsibility will be to design and execute campaign-based security testing for Figment. This will involve targeting multiple types of assets. Successful applicants should have the ability to evaluate environments, applications, systems, or processes to identify vulnerabilities. Furthermore, they should be able to translate these findings into practical attack strategies for real-world scenarios.
To effectively support Figment's security initiatives, you will need to utilize your knowledge of modern web applications, cloud platforms, CI/CD pipelines, networking and protocols, databases, middleware applications, and scripting. You will also need to effectively communicate highly technical information to internal customers. Additionally, you will be responsible for providing remediation recommendations and validating security remediation findings.
How you will make an impact
Discover and exploit novel vulnerabilities in Figment applications.
Perform a full range of red team activities focusing on application security, API exploitation, and software deployment pipelines.
Document processes, procedures, and workflows for red team operations.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Collaborate with seniors in the security team and the product team to enhance the company's security posture.
Effectively communicate findings and strategies to stakeholders, including technical staff, executive leadership, and legal counsel.
Provide practical and risk-appropriate recommendations to address vulnerabilities.
Configure and safely use offensive security tools, tactics, and procedures in Figment environments.
Enhance Figment's red teaming processes by developing and improving scripts, infrastructure, tools, and methodologies.
Offer recommendations and guidance to enhance the defensive capabilities of the team and its ability to defend the Figment Enterprise.
Provide mentoring and training to blue team members and actively participate in cross-team security exercises.
Provide technical expertise and support during incident response and assist in creating post-incident action plans.
What you bring to the team
Bachelor's degree or five or more years of work experience
Experience with web application and API exploitation or security assessments
Experience with CI/CD workflows and pipelines
Experience in scripting and automation of simple tasks using Bash, Python, or similar
Experience with container orchestration management tools such as Docker and Kubernetes.
Experience with source code review for control flow and security flaws.
Experience with red, blue, or purple teaming exercises.
Strong knowledge of offensive security and pentesting tooling such as Kali Linux, Burp Suite, and other open source tools.
Strong technical writing.
Even better if you have:
Industry certifications such as OSCP/OSCE, OSEP, OSWE, GPEN, GCPN, GWAPT, or GXPN.
Solid understanding and experience working with Github and Github deployment pipelines
Solid understanding of public cloud environments including AWS, Azure and Google.
Solid understanding of OWASP Top 10 and how to effectively exploit them.
Thorough understanding of network protocols, data on the wire, and covert channels.
Understanding of security risks for blockchain and crypto.
Technologies we use Teams you’ll collaborate with most often In addition to collaborating with other Security team members, this role will collaborate most often with our Product Engineering teams.
Why you might be excited about us At Figment, we offer an exciting range of
competitive benefits
designed to support and empower every member of our team:
100% remote-first environment.
Our flagship office is in Toronto, Canada. We also have additional co-working spaces in New York, London, and Singapore. That means if you want to do your things in the office (if you’re near one), at home, or a bit of both, it’s up to you.
4 weeks of
PTO
that kick in day one, with an additional 1 week of flex days.
Extended
company-paid health benefits
that kick in day one.
Best in class
parental leave
and flexible arrangements.
A
home office stipend
to create a space that you enjoy working in.
A yearly
Learning&Development budget.
401K
(US) or
RRSP
match
(Canada).
Stock Options
in the company.
A competitive
bonus
(based on company performance) that is distributed bi-annually - we believe that the company’s success should be shared with our employees often For roles listed within the Sales Department, there is instead a competitive commissions structure which will be outlined during your first interview with Figment
Annual
onsite company gatherings
and retreats to inspire team bonding, collaboration, and fun!
Other reasons you may love working at Figment
We are a
team
of under 200 members , which allows for an impactful contribution from day one.
We place a strong focus on
personal career development
to shape a role that fits your goals and interests. Your satisfaction and well-being matter to us, and we’re here to support your ongoing growth.
Our
culture
is one of honesty, professionalism and risk taking in a high-growth environment.
Our team members themselves recommend working at Figment - with an
eNPS
score of 54 (which is ranked as‘great’!).
One of Figment’s core principles is “Making the Invisible Visible” - ensuring transparency and information sharing in all communication. Figment is committed to transparency regarding pay, benefits, and other compensation types for all internal roles as well as all roles being hired for.
Base Salary: The CAD base salary range for this position is CAD $140,000 - $160,000.
This range reflects base salary only, and does not include additional compensation or benefits. For candidates in other countries, the pay range will be disclosed upon your first interview with Figment (being a globally remote company, the list of salary ranges would simply be too long to note here!). The range displayed reflects the minimum and maximum range for a new hire across all Canada or the US. A candidate’s specific pay within the range will be determined by various factors including job-related skills, relevant education, and training.
At Figment, we try to go above and beyond in making sure that you have the best possible experience interviewing with us. We strive for a smooth, organized, and informative process.
During your first Recruiter Call, you will be provided with more information about Figment, the position and what to expect for the rest of the interview process. Please be prepared to discuss why you are interested in joining Figment and what excites you about the position and company.
As we go through the process, we work to make sure that you hear back from us in a timely fashion. If we decide at any point that we’re unfortunately not moving forward, we will give you feedback on why it was not a fit.
We aim for the entire process to take around 2-4 weeks from initial screen to offer. There can be exceptions on either side of the bell curve here, but as a rule, that’s the time‑frame you can expect.
At Figment, we have a thorough hiring process to verify the identity of all job candidates. This includes checking documents, conducting in-person interviews and completing background checks. Candidates must pass all these steps to be considered for a job with Figment. Anyone who provides false information or tries to skip these steps will be disqualified from the hiring process immediately.
To learn more about Figment, our team, and the amazing work we are doing, visitour website . Are you ready to join us?
#J-18808-Ljbffr
Informations clefs
-
Nom de l’entrepriseCrypto Pro Network -
Titre de posteSenior Application Security Engineer
-
Signaler -
Bloquer l’annonce
Conseils de Sécurité
Soyez vigilant lorsqu’il s’agit d’une offre stipulant explicitement qu’aucune expérience n’est requise.
Recherches afférentes
Informations supplémentaires sur l’annonce
Senior Application Security Engineer est visible sur Locanto dans la rubrique Moncton Informatique, télécommunications.
Pour Moncton il n’y a pas d’autres annonces dans cette rubrique.
Il y a encore plus de petites annonces dans un rayon de 15 km pour cette rubrique. Cliquez ici pour consulter ces annonces.
