Security Engineer

  • coindesk.com
  • Open
  • Jun 09, 2021
Full time Security & Privacy

Job Description

TradeBlock is a wholly owned subsidiary of CoinDesk, servicing financial firms with crypto currency trading technology, institutional-grade market data, as well as blockchain data and analytics. We are a technology company focused on building the foundation for the future of finance, using robust blockchain and cypto currency infrastructure.

We are looking for candidates excited to shape this future by contributing to the crypto and blockchain industries through an industry-leading firm. This full-time role offers a competitive base salary, comprehensive medical/dental/vision benefits, flexible time-off and a rewarding work environment rooted in The CoinDesk way.

The Information Security Architect is responsible for the design, review, and delivery of new and existing cybersecurity initiatives related to securing public trading infrastructure, application security, and SaaS operations. Candidates should be highly technical, hands-on, and have experience designing and executing Information Security policies and programs. 

Responsibilities

  • Incorporate industry security standards into practical security operations, network operations, and application development practices
  • Develop and enforce response procedures for security incidents
  • Work with governance stakeholders to establish best practices for AWS, system permissions, single-sign-on, etc.
  • Edit and maintain policy documentation related to InfoSec, Risk Management, and Incident Response
  • Review software security architecture for internally-developed and third-party products

Requirements

  • Strong understanding of OWASP controls
  • Experience with threat modeling in an Agile and DevSecOps evironment
  • Experience implementing and monitoring security information (SIEM)systems
  • Proficiency with scripting languages such as Python, Bash, etc.
  • GSEC, SSCP, CCSP and/or OCSP
  • Strong communication skills and a collaborative approach
  • 5+ years of professional information security experience
  • Experience with Linux and AWS
  • Knowledge of cloud infrastructure and security

Preferred

  • Knowledge of crypto currency, FX or capital markets
  • Experience with vulnerability research and penetration testing
  • Educated and versed in the latest threat actors, techniques, and incident lifecycle

Technologies

AWS, PostgreSQL, Linux, Redis, Python, Node.js, C/C++, HAProxy, Javascript, Graphite/Grafana, Ansible, Nginx, Python, Django, Git, Bash