Application Security Engineer at WOO

WOO  operates a centralised exchange WOO X and a decentralised platform WOOFi, democratising access to top-tier liquidity and exceptional trading execution while keeping costs competitive. Our native token, $WOO offers token holders a unique position to participate, engage, and maximise the benefits of both the DeFi and CeFi ecosystem. Our team of highly-selected 170 employees is located in 12 cities worldwide 🚀

Our vision is to inspire confidence, higher performance, and joy in every user. We have a mission to provide the best liquidity on the best terms. We compete not just on price execution but also on integrity, user experience, innovative tools, and global opportunities.

About the opportunity:

We are looking for an Application Security Engineer who can join us along this mission and vision. You’ll become an integral part of the Security team, which is targeted to protect our properties and assets. Monitoring daily basis needs, improving the level of controls and also making sure our process meets compliance.  Interested? Keep on reading!

What you’ll be working on:

• Set security controls and design requirements during the software creation and development stage of the software lifecycle. Lead and involve constant and dynamic app security testing, ensures that security across all aspects of the software is uniform by setting up checkpoints.
• Solid knowledge of web applications security, strong source code auditing skills, and understanding of the causes and solutions of the different types of security vulnerabilities.
• Experience with at least one mainstream SAST and DAST tool, work with develop teams during all phases of the SDLC to ensure that applications are designed and implemented securely.
• Understanding the basic techniques of penetration testing and security testing.
• Sufficient understanding of cryptography and mainstream encryption and decryption algorithms.
• Investigate vulnerability reports related to Woo products and services.
• Support other security team projects such as threat modeling, vulnerability scanning and audits.

Why work with us:

Join us in realising our vision in advancing decentralisation, and leading innovation in CeFi and DeFi. Enjoy work flexibility, a supportive team, and an environment that nurtures your ideas. Plus, expect a performance-based annual bonus for all contributors at WOO 💪

About you:

• 5+ years of total experience in a security role.
• Experience automating security tests in cloud based CI/CD pipelines,such as GitLab-CI or jenkins.(must be have)
• Experience working with SAST, DAST, SCA testing processes and tools, such as Fortify, Chechmarx, Snyk, Acunetix or AppScan.(must be have)
• Self-motivated and creative problem solver able to work independently with minimal guidance. (must be have)
• Strong ability to work collaboratively across teams. (must be have)
• Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management.(must be have)
• Understanding working on applications deployed within GCP and K8S highly desired.
• Experience with common attack techniques and conducting penetration tests.
• Working knowledge of public and private key cryptography.
• Bachelor's degree in computer science, computer engineering, cyber security or related field. Equivalent experience is also accepted.
• Certifications such as OSCP or experience to get CVE number will receive favorable consideration but are not required.

Getting the job

We're actively seeking talented individuals to join our team outside of our typical hiring schedule. This proactive approach allows us to connect with exceptional candidates like you even before specific positions become available.

On average, successful candidates go through five rounds of interviews and tests. Our hiring process begins by meeting with our People Team, who help facilitate the process of placing you in your new role. You can expect to share your experience and ideas in online video interviews with our hiring team, made up of management and potential new colleagues.

Submitting your resume now ensures that you're first in line when new opportunities arise. By doing so, you'll have a head start in the selection process and get a chance to showcase your skills and experience.

Get started on your application here!