Application Security Engineer
Who are we?
FalconX is one of the fastest-growing startups in FinTech. We are redefining prime brokerage from the ground up.
We are backed by some of the best investors in the world including Accel, American Express, B Capital, Coinbase, Fidelity, Lightspeed Venture Partners, Fenbushi Capital and Tiger Global Management + more yet to be publicly disclosed.
We deliver institutional digital asset traders best-in-class trading, credit, custody and structured products. We trade, lend and secure tens of billions of dollars monthly, are highly profitable, and growing fast, so we need your help!
We are data-driven. Whether it's a growth or product decision, we believe data can always help us make more precise and informed choices.
We move fast. Speed of execution is essential for any startup, but we believe this is even more pertinent in our 24/7 industry.
We prioritize learning. Outcomes are mission-critical, but we also believe that learning in success and in failure will drive our continued success. Our industry is emergent - there’s no shortage of experiments to get involved with and to continue growing and learning together.
FalconX has offices in San Mateo, Chicago, New York, Bangalore, Malta, and Singapore.
Who is on the team?
We are entrepreneurs. Many in our company have been founders or have aspirations to eventually start their own company. We take these ambitions and experiences to bring a solutions-oriented mindset to the problems we encounter day-to-day.
We are experienced. We have been fortunate to have learned from mentors and peers at institutions such as Google, LinkedIn, JUMP Trading, Citadel, PEAK6 Investments, Goldman Sachs, Harvard Business School, Carnegie Mellon, IIT + more.
- Lead threat modeling exercises for new and existing applications, identifying potential security threats and vulnerabilities, and developing mitigation strategies.
- Conduct architecture and design reviews of applications to ensure that security is integrated into the development lifecycle.
- Develop and implement a Secure SDLC process to incorporate Security by design
- Act as a security evangelist both for application and Security in general
- Conduct regular security assessments of applications and infrastructure, identifying potential areas of weakness and developing plans to address them.
- Collaborate with cross-functional teams including developers, project managers, and business stakeholders to ensure that security is integrated into the development process.
- Stay up-to-date with emerging security threats, vulnerabilities, and technologies, and ensure that security measures are updated accordingly.
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity or a related field.
- Minimum of 8 years of experience in application security, including experience leading threat modeling exercises, architecture and design reviews
- Strong knowledge of web application security, secure coding practices, threat modeling, risk management, and compliance requirements.
- Experience with relevant security technologies and tools such as static and dynamic analysis tools, web application firewalls, and vulnerability scanners.
- Excellent communication and interpersonal skills, with the ability to communicate complex security concepts to technical and non-technical audiences.
- Strong analytical and problem-solving skills, with the ability to identify potential security threats and vulnerabilities and develop effective mitigation strategies.
- Ability to manage multiple projects and prioritize tasks effectively.
- Relevant security certifications such as CISSP, CSSLP, or GIAC are preferred.
- Experience developing software applications in Python, Go, or Rust.
- Experience in a cryptocurrency or other blockchain-related environment.
- Experience in a finance or fintech-related environment.
- Experience with presenting at cybersecurity conferences.
- Membership with one or more cybersecurity organizations (e.g., OWASP, ISSA, InfraGard, etc.
Something looks off?