Job Description
As a Security Engineer specializing in application systems, you will be responsible for conducting comprehensive security assessments throughout the entire lifecycle of company applications. This includes requirement reviews, code audits, and third-party component management. You will also be instrumental in building and operating security-related technical platforms such as AST (Application Security Testing), RASP (Runtime Application Self-Protection), and CodeQL. Additionally, your role will involve performing security audits for smart contracts and blockchain networks to ensure robust security measures are in place.
Key Responsibilities
- Conduct security assessments across the entire application lifecycle, including requirement analysis, code review, and third-party component evaluation
- Develop, implement, and maintain security technical platforms (AST, RASP, CodeQL) for application systems
- Perform thorough security audits for smart contracts and blockchain networks
- Identify vulnerabilities and provide effective solutions at both coding and architectural levels
- Collaborate with development teams to implement security improvements and mitigation strategies
- Stay updated with emerging security threats and technologies in application security
Job Requirements
- In-depth understanding of common application security vulnerabilities and their underlying principles
- Ability to propose and implement effective solutions for technical vulnerabilities at both code and architecture levels
- Familiarity with common technical evaluation systems for application software and practical experience in their implementation
- Experience in auditing newly deployed smart contracts and evaluating newly integrated public blockchains
- Knowledge of common risks associated with smart contracts and public blockchains, along with mitigation strategies
- Proficiency in common development languages such as Go and Java, with ability to perform code audits
- Strong analytical and problem-solving skills with attention to detail
- Excellent communication skills to collaborate with cross-functional teams
Benefits
We offer a comprehensive benefits package including two-day weekends, paid holidays, annual leave, and performance-based bonuses. Our company values work-life balance and provides opportunities for professional growth in the exciting field of application security.
