Responsibilities:

📍Assess and Review CoinSwitch products in detail to discover vulnerabilities and collaborate with the other security engineers to practically demonstrate the exploitability and risk factors. 📍Be on the forefront of emerging vulnerabilities / threats which could affect CoinSwitch and its operations. 📍Secure Architecture and SDLC: Design and build secure systems across all layers (Application, Infra, enterprise), implement AppSec and 📍Secure SDLC practices including SAST, DAST, and SCA. Decent understanding of AWS Cloud and Container security best practices for containerization, ECS, and Kubernetes, and managing secrets/key management. 📍API Security: Ensure the security of GraphQL and REST APIs. DevSecOps and Automation: Drive DevSecOps enablement by integrating security into CI/CD pipelines and implementing . 📍Vulnerability Management and Testing: Lead internal/external VAPT, conduct penetration testing (web, API, mobile, cloud), and manage bug bounty programs and the Coordinated Vulnerability Disclosure (CVD) process. 📍Vulnerability Remediation and Hardening: Drive post-VAPT remediation, manage vulnerability scanning, track mitigation. 📍Collaborate with engineering, DevOps, and IT to embed security in all the systems. 📍Security Automation : Automate security testing and improve productivity in security assessments.

Requirements:

📍6-9 years of experience in Security Engineering, AppSec, Product Security DevSecOps, or a related security-focused role. 📍Strong understanding of secure architecture principles for network, OS, and application layers. 📍Hands-on experience with AppSec tooling (SAST, DAST, SCA) and implementing Secure SDLC. 📍Experience in Mobile Application Security Testing and tools used. 📍Deep knowledge of secrets and key management solutions.

The crypto industry is evolving rapidly, offering new opportunities in blockchain, web3, and remote crypto roles — don’t miss your chance to be part of it.