Summary

We are looking for a versatile 

to join the team to continue to mature the application security practices at BitGo. This exciting opportunity empowers you to ensure vulnerabilities are prevented, or detected as early as possible. You get the opportunity to make a real and meaningful difference. We want you to focus on quality over noise. Automation over manual work. Your work would take place during regular business hours working with the local team. From time to time evening meetings will be necessary.

Responsibilities:

1. Assist in the development of automated security testing to validate that secure coding best practices are being used
2. Assist in the creation and delivery of secure development training
3. Participate in application security reviews and threat modeling, including secure code review, architectural design, and dynamic testing
4. Perform application security vulnerability management
5. Support the bug bounty program
6. Facilitate and support the preparation of secure releases
7. Support and consult with engineering teams in the area of application security and best practices
8. Drive security projects from ideation to requirements to implementation
9. Mature the security program through the use of the NIST CSF
10. Assist in any relevant incident response activities

Skills & Experience: 

We are looking for teammates who share and practice our values: open communication, transparency, taking ownership, and a high level of craftsmanship. We are looking for coworkers who share our vision and mission: deliver trust in digital assets. 

Required:

1. 5+ years of experience with application security
2. 1-2 years of experience in software development and mobile security
3. Familiarity with common security libraries, security controls, and common security flaws.
4. Experience with OWASP, static/dynamic analysis, and common security tools
5. A basic understanding of network and web related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, protocols)
6. Experience in vulnerability management lifecycle
7. Familiarity with cloud security controls and best practices
8. Experience working with developers
9. Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner
10. Preference for candidates who know some of the programming languages in use at BitGo - TypeScript, Go, Python, Java, Kotlin      

Skills

• Communications Skills
• Development
• Java
• Python
• Software Engineering
• Team Collaboration
• TypeScript