116 applicants

This job has closed.

Company

Gemini · 12 hours ago

Senior Application Security Engineer

United States

Full-time

Remote

Senior Level

$152K/yr - $190K/yr

5+ years exp

Maximize your interview chances

CryptocurrencyFinance

H1B Sponsor Likely

Insider Connection @Gemini

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Support the Gemini Secure Software Development Lifecycle as an application security subject matter expert through design review, threat modeling, code review, and penetration testing

Collaborate and advise engineering teams on application security best practices and vulnerability remediation

Perform deep-dive security reviews to ensure all Gemini products and services follow secure design principles across our product portfolio (web, mobile, and APIs)

Develop tools and research to scale the Product Security team

Create and deliver hands-on software security training to engineering teams to increase security awareness

Participate in the Application Security on-call rotation to support engineering teams during incidents

Manual source code review

Penetration testing

Design and implementation review

Threat modeling

Design and implementation consultation

Continuous assurance activities

Risk identification and categorization / management

Engineering education and engagement

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Application SecurityThreat ModelingPenetration TestingSecure Code ReviewDesign ReviewMicroservice ArchitecturesCloud-native EnvironmentsPythonScalaC++JavaScriptVulnerability Remediation

Required

5+ years of experience in application security or similar roles

Ability to perform design reviews, threat modeling, secure code reviews, or penetration testing with an attacker mindset

Strong background in application security best practices and familiarity with common vulnerabilities (e.g. SSRF, race conditions, privilege escalations, etc.)

Some background in development or scripting experience (Python, Scala, C++, or JavaScript)

Familiarity with and ability to understand business objectives, business context, and security risk

Strong communication skills and the ability to collaborate on a cross-functional team

Preferred

Experience with microservice architectures

Experience with cloud-native environments

Experience with preventing application security vulnerabilities through secure design patterns, automated tooling, or frameworks

Benefits

A discretionary annual bonus

Long-term incentive in the form of a new hire equity grant

Comprehensive health plans

401K with company matching

Paid Parental Leave

Flexible time off

Company

Gemini

Glassdoor

3.3

Gemini is a licensed digital asset exchange and custodian built for both individuals and institutions.

Founded in 2014

New York, New York, USA

501-1,000 employees

https://gemini.com

H1B Sponsorship

Gemini has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (2)

2022 (31)

2021 (35)

2020 (11)