About the company
The global financial ecosystem is changing. Revolutionary blockchain technology has unlocked the potential for people around the world to have more equal access to wealth and information. This transformation has begun with the mass global adoption of cryptocurrencies but like all new financial systems, it needs greater trust to realize its full potential and remain safe from bad actors. That’s where we come in. The Chainalysis blockchain data platform enables businesses, governments, and banks to solve the world’s most high-profile criminal cases, paving the way for an economy built on blockchains.
Job Summary
In this role, you’ll:
📍Conduct penetration testing and security assessments to identify vulnerabilities and ensure robust security measures. 📍Develop and maintain custom security tools and scripts to automate and enhance security processes. 📍Collaborate with development teams to integrate secure coding practices and solutions into both front-end and back-end systems. 📍Review and improve security within CI/CD pipelines, integrating tools like SonarCloud and Wiz for continuous security assurance. 📍Perform security audits and code reviews, offering guidance through pull requests and collaborative sessions. 📍Analyze and address security issues by providing expert advice and actionable solutions to maintain the integrity of applications.
We’re looking for candidates who have:
📍Hands-on experience in penetration testing and security assessments, with a strong ability to identify and mitigate vulnerabilities. 📍Excellent communication skills, both verbal and written, for effective collaboration with cross-functional teams. 📍Proficiency with security tools like Burp Suite, Sonarcloud, Jfrog, and Wiz, and the capability to create custom scripts using Python to enhance automation. 📍Proficient coding skills with a focus on security, particularly in Java and/or JavaScript. Alternative languages include Python and Go. 📍Extensive knowledge of cloud security practices, specifically on platforms such as AWS and GCP. 📍Experience integrating security tools into CI/CD pipelines, and a demonstrated ability to automate security testing within development workflows.