QA Security Specialist

Published 20-04-2022

CEX.IO

Lisboa, Lisboa (Accounting / Finance)


CEX.IO is one of the first decentralized finance ecosystems to allow customers to purchase crypto with a credit or debit card. With over 5 million registered users globally, we have a spectrum of products and services for investors of all experience levels - from the "crypto curious" beginner to the "crypto serious" professional trader. We are a regulated entity that's operational globally, and in 48 states across the U.S.

We're looking for a talented QA Specialist to join our team.

Responsibilities:

  • Work jointly with Development Teams, QA, Architects and Security teams to review application code and to tune selected tools for evaluating and reporting on the security posture of applications and back-end systems.
  • Assist in conducting web and mobile application security vulnerability assessments using Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), with scanning tools and manual checks, and notify the appropriate teams to take the necessary actions.
  • Complete project tasks to enable on-time, within-budget and in-scope delivery of information security projects.
  • Assist in identifying potential security exposures that may currently exist or may pose a future threat to the organization.
  • Assist in troubleshooting security issues, evaluate security risk assessments and present security information to the workforce and management.
  • Apply an understanding of modern web application development languages to communicate mitigating controls and potential remediation activities.
  • Assist the workforce with security-based questions and problems.

Requirements:

  • 2+ years of experience of working in the domain of source code security including a thorough understanding of CWEs, CVEs, CPEs and how the vulnerabilities that they represent are exploited by hackers
  • Ability to run Security Vulnerability Testing tools, Static Analysers, and other relevant security analysis tools (e.g. Facebook's Infer, VisualCodeGrepper, Deep dive, LGTM, PMD, Sink Tank, SonarQube, SpotBugs, Jlint, Error Prone, Find Security Bugs, Veracode)
  • Scripting and object-oriented programming experience (Java, JavaScript, TypeScript, C++, Python, etc.)
  • 2+ years of experience in Information Security and Systems Analysis
  • 2+ years of experience with Technology Platforms and Application Development Tools
  • 2+ years of experience with Business Process
  • 2+ years of experience with Software Development Lifecycle

Job type: Full-time

Working hours:

  • 8-hour shift