TRM Labs · 1 day ago
Senior or Staff Software Engineer, Product Security
Big Data, Blockchain
Comp. & Benefits, H1B Sponsor Likely
Responsibilities
Lead application security reviews and threat modeling, including secure code review, architectural design, and testing
Develop automated testing and mature our Secure SDLC
Own and perform application security vulnerability management
Coordinate penetration testing engagements
Support software engineers and product teams by developing application security best practices
Develop and maintain the bug bounty program
Bootstrap platform security initiatives that help protect TRM data
Inspire a culture of security across the engineering organization by fostering security champions within engineering teams and coordinating secure code training.
Qualification
Required
Minimum 8 years of experience in Software Development and testing.
BS (or equivalent) in Computer Science, Computer Engineering, or related field.
Proficiency in software development languages: Python, NodeJS, React
Strong understanding of encryption, authentication, and authorization protocols
Deep experience with common software flaws (e.g., OWASP and CWE), testing methodologies, and using common security tooling for testing.
Professional experience with open source, commercial, or native security solutions for cloud providers such as GCP and AWS. Experience with modern secure software development lifecycles, threat modeling, and best practices.
Experience with conducting efficient and comprehensive code security reviews on a daily or weekly basis
Experience triaging and remediating vulnerabilities in software packages or libraries
Experience with software security tools such as GitHub Advanced Security or other SAST, DAST, and SCA tools
Experience with web application testing frameworks such as Burp Suite, OWASP ZAP, etc.
Experience with Threat modeling tools such as OWASP Threat Dragon, etc.
Experience working in a previous agile-based software development role required
Experience Red Teaming or penetration testing applications and infrastructure
Professional experience with cloud providers (e.g., GCP and AWS), modern secure software development lifecycles, and best practices.
Strong written and verbal communication skills.
Preferred
Security certifications such as OSCP, CEH, GWAPT are a plus.
Familiarity with security frameworks (e.g., NIST SP 800-171 SSDF) is a plus.
Benefits
May be eligible to participate in TRM’s equity plan
Company
TRM Labs
TRM helps financial institutions, crypto businesses and federal agencies detect and investigate crypto-related financial crimes.
H1B Sponsorship
TRM Labs has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2023 (2)
2022 (3)
2021 (2)
Funding
Current Stage: Growth Stage
Total Funding: $149.9M
Key Investors: Thoma Bravo, JP Morgan Chase, Tiger Global Management
2022-11-09: Series B · $70M
2022-04-04: Series B · Undisclosed
2022-02-28: Series Unknown · Undisclosed
Company data provided by Crunchbase