At Qredo we are developing state of the art cryptographic services to solve the problem of private key management in Tier 1 blockchains. Specifically, we are using Multi-Party Computation Threshold signature scheme (MPC-TSS) for ECDSA and EdDSA to run a distributed, highly available network of signing nodes.

Responsibilities:

– Drive adoption and coverage of automated Application security testing in the Secure SDLC process and CI/CD pipelines (SAST, DAST, SCA, others).
– Perform security-related design and implementation reviews and risk analysis of the platform.
– Evaluation of security controls to insure adherence with compliance and industry best practices.
– Working with key business stakeholders to maintain and improve security activities in a timely and planned manner.
– Find and remediate security flaws across the software stack using penetration testing, vulnerability scanning and source code reviews.
– Support activities related to incorporating the Shift-left security approach.
– Maintain and improve secure coding standards and guidelines and deliver secure application development trainings.
– Develop technical documentation, including functional and system design specifications and Standard Operating Procedures as necessary.
– Work with external penetration testers to continuously improve security of the platform.
– Manage and improve our Bug Bounty program by coordinating with researchers and in-house developers, to evaluate, rank and remediate reported vulnerabilities.
– Developing and maintaining various custom automation tools to improve the capabilities and efficiency of the Application security team and the overall security of the company.
– Participate in Security incident response activities as needed.

Requirements

– Solid understanding of Information Security principles and the specific behaviours and practices that would help secure Qredoโ€™s information assets and intellectual property.
– Experience with Secure Software Development Lifecycle methodologies and security frameworks (OWASP standards, SANS, MITRE, NIST, others).
– Ability to clearly communicate security requirements and translate them into tangible project deliverables.
– Excellent analytical skills, attention to detail, and ability to methodically troubleshoot complex issues.
– Hands-on experience with static and dynamic vulnerability identification using industry-leading scanning tools.
– Bachelorโ€™s Degree in Computer Science, Information security or relevant professional experience;

Benefits

  • Working from home
  • Competitive Salary
  • Career Growth Opportunities

About Qredo

Qredo works at the cutting-edge of cybersecurity, decentralized finance and blockchain. We use the latest innovations in cryptography and distributed ledger technology to deliver unique solutions for securing and trading digital assets. Qredo is a well-funded, VC backed start-up with a clear mission and unprecedented demand for our products. Qredo is the ideal company for hard-working, highly creative engineering staff who enjoy working in a friendly, collaborative environment.