About the company
WOO democratizes access to top-tier liquidity and exceptional trading execution while keeping costs competitive. We take pride in our two platforms: WOO X, a pioneering crypto exchange dedicated to transparency and trustworthiness, and WOOFi, a top 15 DEX by 24-hour volume. Our native token, $WOO, offers token holders a unique position to participate, engage, and maximize the benefits of both the DeFi and CeFi ecosystems. Our team of 170 highly selected employees works from 12 cities across eight countries in Europe and Asia 🚀
Job Summary
What you’ll be working on:
📍Set security controls and design requirements during the software creation and development stage of the software lifecycle. Lead constant and dynamic app security testing, and ensure that security is uniform across all aspects of the software by setting up checkpoints.
📍Solid knowledge of web application security, strong source code auditing skills, and an understanding of the causes and solutions of the different types of security vulnerabilities.
📍Experience with at least one mainstream SAST and DAST tool; work with development teams during all phases of the SDLC to ensure that applications are designed and implemented securely.
📍Understanding of the basic techniques of penetration testing and security testing.
📍Sufficient understanding of cryptography and mainstream encryption and decryption algorithms.
📍Investigate vulnerability reports related to WOO products and services.
📍Support other security team projects such as threat modeling, vulnerability scanning and audits.
Why work with us:
📍Join us in realising our vision in advancing decentralisation, and leading innovation in CeFi and DeFi. Enjoy work flexibility, a supportive team, and an environment that nurtures your ideas. Plus, expect a performance-based annual bonus for all contributors at WOO 💪
About you:
📍5+ years of total experience in a security role.
📍Experience automating security tests in cloud-based CI/CD pipelines, such as GitLab CI or Jenkins. (must have)
📍Experience working with SAST, DAST and SCA testing processes and tools, such as Fortify, Checkmarx, Snyk, Acunetix or AppScan. (must have)
📍Self-motivated and creative problem solver able to work independently with minimal guidance. (must have)
📍Strong ability to work collaboratively across teams. (must have)
📍Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management. (must have)
📍Understanding of working on applications deployed within GCP and K8S is highly desired.
📍Experience with common attack techniques and conducting penetration tests.
📍Working knowledge of public and private key cryptography.
📍Bachelor's degree in computer science, computer engineering, cyber security or a related field. Equivalent experience is also accepted.
📍Certifications such as OSCP, or experience obtaining a CVE number, will receive favorable consideration but are not required.