About Hashgraph:
Hashgraph is a fast-growing software company committed to supporting, developing and servicing Hedera, an open source, proof-of-stake platform. Hedera is EVM-compatible and has been specifically built to meet the needs of enterprise and Web3 applications, which require speed, security, stability and sustainability. Hedera’s public network is governed by industry-leading organizations, spanning 11 sectors and 14 regions who oversee the development and direction of the decentralized platform.
You may find yourself doing all of the following:
Conducting thorough security reviews of the company’s products throughout the development lifecycle, including the design, implementation, and release phases
Collaborating with cross-functional teams to identify security vulnerabilities and recommend mitigation strategies
Developing and maintaining security testing methodologies and procedures
Implementing and managing automated security testing tools and processes
Providing guidance and support to development teams on secure coding practices and security best practices
Staying current with industry trends and emerging threats to inform and enhance product security measures
Assisting in incident response activities related to product security incidents
Participating in security awareness training programs for internal stakeholders
Qualification Requirements:
Minimum 6 years of experience in application or product security, including 2-3 years of experience in software development or related field
Familiarity with common security vulnerabilities and attack vectors
Hands-on experience with security testing tools such as static analysis, dynamic analysis, and fuzzing tools
Strong understanding of secure coding practices and principles (mainly Java and Solidity)
Other skills that are great to bring with you but that we can help you develop:
Relevant certifications (e.g., OSCP, OSEP, OSWA, OSWE)
Experience in Bug bounty, Security Research, CVE publications, Red teaming, and attack surface management
Experience with cloud environments (e.g., GCP, AWS)
Understanding of common programming languages and scripting languages, such as Python, PowerShell, or Bash
Experience with containerization and orchestration technologies, such as Docker and Kubernetes, and their associated security best practices
Knowledge about web3 / Blockchain / Crypto
$60,000 — $100,000/year
To apply for this job, please visit the application page
