Product Security Engineer (Remote - Work from Anywhere)

  • Location
    • Remote
  • Date Posted
  • Oct. 11, 2021
  • Function
  • IT
  • Sector
  • Fintech

Xapo is an international fintech startup on a mission to protect and grow its clients’ life savings.

We’re a fully distributed team that works remotely from 50+ countries around the world. We may come from many different cultures and backgrounds, but it’s our values, our resourcefulness, and our drive that makes us Xapiens.

We work hard, think globally, and inspire each other to grow every day. If you’re the best at what you do and share our passion, we want you.

Join us, wherever you are, and help us build a digital bank worthy of the digital age at Xapo.

Position overview

We are looking for someone to help build our product security function. Reporting directly to the Product Security Lead, this exciting opportunity will have an important role in enhancing the security posture of Xapo’s products.

The role will be working closely with the stream-aligned teams to ensure the end to end security of our product. This will cover everything from the idea / design phase through to applications already in production. From threat modelling / design and code reviews to manual and automated security testing. The role will also provide input to product security training and advice on security best practises to all teams.

  • If you are a passionate, enthusiastic engineer interested in revolutionizing banking, join us!
  • Although we are headquartered in Gibraltar, this is a full time, 100% remote position. Work from anywhere!

What You’ll Do:

  • Partner with engineering to perform regular product security assessments and threat modelling.
  • Collaborate with your peers to define software/infrastructure guardrails and security abstractions
  • Engineer solutions that enable teams to self-serve on meaningful security metrics leading to faster, safer code in production environments
  • Maintain internal documentation and standards for security best practices.
  • Design and develop features to improve the security of our products.
  • Participate and support the incident detection and response process.
  • Provide security advice and mentorship to the engineering team.
  • Improve Xapo’s security pipeline for real time event monitoring and response

You Should Apply If:

  • You are comfortable explaining technical concepts like vulnerabilities and discussing effective mitigations.
  • You have a strong understanding of cloud native ecosystems (mainly AWS)
  • You have experience working with security tooling such as SAST, DAST and IAST.
  • You have experience supporting the response to security incidents.
  • You have ability to work independently in a remote setting
  • You have knowledge and experience detecting and mitigating OWASP 10 vulnerabilities
  • Strong written and verbal communication skills

Bonus points if:

  • You have worked with python codebases and frameworks.
  • You have contributed to the security industry through research, talks etc
  • You have written about vulnerabilities you have exploited or participated in bug-bounty programs
  • You have experience working in a regulated industry.
  • You have Mobile & API Security knowledge
  • Security certifications

Other requirements

  • A dedicated workspace.
  • A reliable internet connection with the fastest speed possible in your area.
  • Devices and other essential equipment that meet minimal technical specifications.
  • Alignment with Our Values.

Why work for xapo?

  • Impact globally, work remotely.
  • Shape the Future: Improve lives through cutting-edge technology, work 100% remotely from anywhere in the world.
  • Own Your Success: Receive attractive remuneration, enjoy an autonomous work culture and flexible hours, apply your expertise to meaningful work every day.
  • Expect Excellence: Collaborate, learn, and grow with a high-performance team.

About xapo

We founded Xapo to address two of the biggest issues with Bitcoin adoption: accessibility and security. In a matter of years, we developed an industry-leading platform that introduced cryptocurrency into the daily lives of millions worldwide.

Now, we’re bringing our expertise to all facets of our users’ finances. Because no matter who we are or where we’re from, we all deserve more options, more control, and more peace of mind where our money is concerned.

We’re an Equal Opportunity Employer – we believe that diversity is critical to our success as a global company. An inclusive workplace is the foundation of Xapo – it allows us to create products that cater to clients around the world.