Parity Technologies is hiring Web3 Web3 Rust AppSec Engineer

Desired Qualifications

• Solid experience with Rust, this is a must.

• Proficiency in managing third-party security code reviews and actioning findings.

• Adequate collaboration skills with engineering teams in code review resolutions.

• Demonstrated success in aligning stakeholders in code review findings.

• Proven capability in building strong partnerships with engineers.

• Exposure to cryptography, decentralised networking, hardware key management solutions. Basics at least, we want you to be motivated to learn more.

• A wide array of security tools and approaches: this is very much a hands-on role so you should be experienced in setting up SAST, DAST, fuzzing, property-based testing, symbolic execution, network simulation tools and such.

• Experience using common penetration testing tools

• Proficient in composing detailed technical reports and adept at conveying complex technical concepts to non-technical audiences in an understandable manner.

• A self-starter attitude: most of the time there would be little guidance on which areas to work on first and what to improve there. You’re expected to determine that yourself, keeping company-wide goals in mind, and drive those initiatives to completion.

• If possible, we'd also love you to have:

• A risk-based, solution-oriented approach to resolving security issues.

• Experience in threat modelling, working with best in class independent security teams and turning their findings into actual deployed fixes in our codebase;

• Relevant security certifications are a plus, but not required (OSCP, OSCE, GPEN, GWAPT, LPT)

• Ideally prior work experience in blockchain/cryptocurrency fields.

• A background in open-source software development.

• Passionate about Web 3.0 and what it represents for the future.

Duties & Responsibilities

We are seeking an innovative and accomplished Rust AppSec Engineer to join the Parity Security team. You will take a critical role in upholding the security of Parity Technologies products.

You will influence the technical architecture of new and existing products, ensuring that security is a keystone in their designs. You would be the owner of Application security of products through and threat modelling, and contributing towards internal tooling and integration to ensure that security is baked into the software development lifecycle. Engineers will come to you as a trusted source of guidance for the secure development and maintenance of their products. Your insight will be consulted for strategic, practical and technical decisions, to guarantee that security is not an afterthought in our technical roadmap. You will also:

• Work with other application security engineers on technical development of projects in Rust. Contributing to the main public open-source projects shaping the future of the ecosystem.

• Provide technical expertise and guidance for developers around the secure development of their products.

• Perform assessments of products, such as security code review, security fuzzing, partnership with external security audit suppliers and/or white hat, or services that are being tested but are not yet in production.

• Sympathise with the goals trying to be achieved by other teams; help to push solutions out securely rather than just blocking solutions outright. We're here to work with others getting their products out in a manner that's secure for our ecosystem, not to just reject solutions without context.

Salary & Benefits

Competitive remuneration packages based on iterative market research, including tokens (where legally possible)

“Future of work” environment that’s remote-first and self-initiating with flexible hours

Team mates that are genuinely excited about their impact and projects

Access to the brightest minds in this space to learn about Web3 and develop your skills and knowledge while on the job

Becoming part of the wider ecosystem (career and networking opportunities)

Team and company-wide retreats

Work laptop and equipment

Opportunity to relocate to United Kingdom, Germany or Portugal (with visa sponsorship)

Those joining our collective as an employee in Germany, Portugal, and the U.K. also enjoy benefits such as health care, parental leave, PTO (28 days per year), local team events, yearly L&D budget, and language classes.

Our Company

As stewards of the Polkadot and Substrate ecosystem, Parity is laying the foundation for a better web which respects the freedom and data of individuals and empowers developers to create better services through decentralised technology. The internet is too important to billions of people for it to be at the mercy of a few powerful companies.

With a remote-first, global team of 340+ people, Parity is building open-source technologies for developers and organisations to implement and build upon. Our Web3 tech stack includes Polkadot, Substrate, and Kusama.

We believe in a decentralised web that respects the freedom and data of individuals and empowers developers to create better services. Our vision is to create a world based on truthful, rather than trustful, interactions. Our mission is to make Polkadot the most active and innovative community in blockchain.

Other

Parity is an Equal Opportunity Employer. We welcome diversity in our global team and care about everyone in our collective feeling included and welcome.

View our Applicant Notice to see how we use your data.

Is this position not quite your match?Browse our other open roles.

When applying, mention the word CANDYSHOP to show you read the job post completely. This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they are human RODUuMTg3LjYuMjQwM