#вакансия #vacancy #удаленная #remote #crypto #fintech #AppSec

Application Security Business Partner

An experienced Application Security Business Partner is required for an international crypto company. You will work closely with several development teams to develop application security practices throughout the entire product lifecycle. This role combines deep technical expertise with active stakeholder engagement and focuses on embedding security into the development process, from early design stages through release and ongoing operation.

Key Responsibilities:

• Close collaboration with development teams to analyze business requirements and assess their impact on the security of applications and services. • Conducting threat modeling for applications and services, providing recommendations for protective measures and security controls. • Developing application security requirements and monitoring their implementation at all stages of development. • Performing security reviews of architecture, source code, and release artifacts, including application and service security testing. • Tracking and controlling vulnerability remediation, working directly with engineering teams to close risks in a timely manner. • Collaborating with DevSecOps teams to integrate security tools and scanners into CI/CD pipelines. • Conducting regular security testing and code reviews to enhance the overall security posture of products and services.

Requirements:

• Practical experience in application security or a related role in security engineering. • Deep understanding of common threats and vulnerabilities (OWASP Top 10, OWASP Mobile Top 10, CWE Top 25). • Knowledge of application security standards and best practices, ability to apply frameworks (OWASP ASVS, WSTG) in practice. • Understanding of infrastructure fundamentals, containerization, and related security risks. • Experience working with microservice architecture and approaches to securing distributed systems. • Programming experience in Go, Python, or JavaScript will be a significant plus.

What We Offer:

• Remote-first company – the opportunity to work from anywhere in the world. • Fully flexible schedule. • Extended vacation: 20 paid days + 12 additional bonus days per year. • 100% paid sick leave. • Paid English lessons (iTalki). • Support for professional development (courses, certifications, training). • Opportunity to influence the product and take responsibility in fintech and cryptocurrency projects. • Salary in USDT. • Employment under a Service Agreement.