сегодня

appsec engineer

выше рынка на 29,1%
вакансия 422 401 ₽
в среднем 327 250 ₽
Загрузи резюме, чтобы видеть мэтчи с вакансией

генерация резюме под вакансию

Загрузи резюме в профиль, чтобы сгенерировать временное CV под эту вакансию

сопроводительное письмо

Загрузи резюме в профиль, а нейросеть определит твою категорию. Затем ты сможешь генерировать сопроводительные письма для вакансий этой категории

описание

CoinsPaid is a fintech company that builds blockchain payment infrastructure for the global economy. It designs, implements, and scales payment systems that connect digital assets with real-world financial operations to help businesses and financial institutions operate efficiently.

задачи

  • Support and continuously improve the company's Vulnerability Management process;
  • Perform vulnerability triage, risk assessment, prioritization, and remediation tracking;
  • Work with engineering teams to ensure timely remediation of identified vulnerabilities;
  • Analyze findings from multiple security tools and sources and reduce noise through effective prioritization;
  • Monitor vulnerability remediation SLAs and provide visibility into security posture through reporting and metrics;
  • Participate in threat modeling activities for new systems, services, and significant architectural changes;
  • Conduct security risk assessments and provide actionable recommendations;
  • Define and maintain application security requirements in collaboration with engineering teams;
  • Support Secure SDLC initiatives and help integrate security practices into development workflows;
  • Provide guidance to developers and DevOps engineers on vulnerability remediation and secure design practices.

требования

  • 4+ Years of experience in Application Security, Product Security, Vulnerability Management, or a related security discipline;
  • Hands-on experience managing and prioritizing vulnerabilities across applications, infrastructure, containers, and cloud environments;
  • Strong understanding of OWASP Top 10, CWE, CVSS, EPSS, MITRE ATT&CK, and risk-based vulnerability management approaches;
  • Experience with security testing technologies such as SAST, DAST, SCA, Container Security, and Cloud Security tools;
  • Experience conducting threat modeling and security risk assessments;
  • Understanding of modern software development practices and CI/CD pipelines;
  • Familiarity with Kubernetes and cloud platforms (AWS, GCP, or Azure);
  • Ability to analyze security findings and make risk-based remediation recommendations;
  • Strong stakeholder management and communication skills;
  • Nice to have: Relevant professional certifications, experience in fintech or blockchain domains.

условия

  • Flexible monthly budget of up to €230 for sports, mental health, coworking, home office, or medical expenses;
  • Budget for courses, certifications, and professional development;
  • Language learning support;
  • Medical insurance or reimbursement depending on location;
  • Access to mental health support;
  • Financial support for important life events;
  • Merch shop with rewards system;
  • Team offsites and company events;
  • Office role with relocation support.

Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.

прозрачные зарплаты в IT

Анонимные данные по зарплатам и грейдам

Посмотреть
График динамики зарплат
Откликнуться Добавить в трекер

Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.