Crypto.com is hiring a
Application Security Engineer

Summary

The job description is for a Cybersecurity and Data Privacy team member at Crypto.com. The role involves discovering security vulnerabilities, using automated tools, participating in agile scrum meetings, conducting secure coding training sessions, implementing various security controls, and providing support on application level security monitoring. The requirements include 1-4 years of software development experience or web-api and mobile app penetration experience, a deep understanding of OWASP Top 10, proficiency in English (Mandarin is an advantage), and relevant security certificates. The job offers competitive salary, medical insurance package with extended coverage to dependents, attractive annual leave entitlement, work flexibility adoption, flexi-work hours, hybrid or remote setup, crypto.com visa card upon joining, and growth opportunities.

Requirements

• 1-4 years of software development experience focusing on Server Side development, OR 1-4 years of experience in web-api and mobile app penetration
• A deep understanding of OWASP Top 10 and the ability to spot and address logic flaws
• Good understanding of the whole software development lifecycle, CI/CD tools, cloud, Kubernetes, and various technology stacks
• Security-related certificates such as OSCP, CREST, CISSP, and CLSSP are definitely an advantage
• Proficiency in both spoken and written English. Being able to speak Mandarin will be an advantage

Responsibilities

• Discover security vulnerabilities through design review, manual source code review, and follow up on the remediation process
• Use automated tools to find security vulnerabilities in source code and/or system
• Participant in relevant agile scrum meetings and provide professional recommendations on the design of security controls, libraries, and/or protocols
• Conduct secure coding training sessions
• Implement various security control verification and risk detection by developing our own automation system
• Implement security related libraries for internal use
• Provide support on application level security monitoring, intrusion detection, and incident response

Benefits

• Competitive salary
• Medical insurance package with extended coverage to dependents
• Attractive annual leave entitlement including: birthday, work anniversary
• Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up
• Aspire career alternatives through us. Our internal mobility program can offer employees a diverse scope
• Work Perks: crypto.com visa card provided upon joining