Product Security Engineer

Chainalysis

Chainalysis

Other Engineering, Product
Ireland
Posted on Friday, June 7, 2024

We are the security engineering team, skilled in cybersecurity, cloud security, application security, and regulatory compliance. Our global distribution allows us to leverage unique experiences and skillsets to build and operate security services that safeguard our platform. We prioritize a proactive approach to prevent security issues and stay ahead of potential threats, ensuring the continuous protection of our services.

The Product Security Engineer is responsible for designing and implementing robust security frameworks to protect our software and infrastructure. This role involves conducting regular security assessments, including Cloud, Kubernetes, and our Products, to identify and address vulnerabilities. Additionally, the engineer will collaborate with development teams to integrate security practices throughout the software lifecycle, ensuring that all products meet the highest security standards before deployment.

In this role, you’ll:

  • Design, implement, and maintain secure cloud infrastructures using tools like Kubernetes and Terraform.

  • Develop and manage Infrastructure-as-Code (IaC) solutions to automate and secure infrastructure deployments.

  • Analyze and apply findings from static and dynamic application security testing to enhance system security continuously.

  • Integrate security protocols and standards into the software development lifecycle to ensure robust and secure product releases.

  • Enhance security measures across cloud environments (AWS, GCP) and ensure compliance with regulatory standards.

  • Work with cross-functional teams to implement security best practices and enhance security features within product designs.

  • Conduct regular security assessments to identify and remediate infrastructure and cloud security weaknesses.

  • Continuously analyze and apply findings from security testing to enhance system security.

We’re looking for candidates who have:

  • Infrastructure Expertise: Strong experience in designing, deploying, and managing secure cloud infrastructures using Kubernetes and Terraform.

  • Cloud Platforms: Proficiency in AWS and GCP, with a focus on implementing and managing security services.

  • Application Security Experience: Experience using SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) to identify and remediate security vulnerabilities in software applications.

  • Infrastructure-as-Code: Hands-on experience with Infrastructure-as-Code (IaC) tools, particularly Terraform.

  • Collaboration Skills: Excellent communication skills, both verbal and written, for effective collaboration with cross-functional teams.

  • Security Best Practices: Understanding of secure coding practices, though the primary focus is on infrastructure and cloud security.

  • Excellent communication skills, both verbal and written

Nice to have experience:

  • CI/CD Pipeline experience to assess, build, automate a Secure CI/CD pipeline

Technologies we use:

  • Coding Languages - Java, Javascript, Python,

  • IaC - Terraform

  • Cloud - AWS, GCP

  • CI/CD Pipeline - Github, Github Actions, Jenkins

  • API’s - REST API’s

About Chainalysis

Blockchain technology is powering a growing wave of innovation. Businesses and governments around the world are using blockchains to make banking more efficient, connect with their customers, and investigate criminal cases. As adoption of blockchain technology grows, more and more organizations seek access to all this ecosystem has to offer. That’s where Chainalysis comes in. We provide complete knowledge of what’s happening on blockchains through our data, services, and solutions. With Chainalysis, organizations can navigate blockchains safely and with confidence.

You belong here.

At Chainalysis, we believe that diversity of experience and thought makes us stronger. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. Some of the ways we’re ensuring we keep learning are an internal Diversity Committee, Days of Reflection throughout the year including International Women’s Day, Harvey Milk Day, World Humanitarian Day, and UN International Migrants Day, and a commitment to continue revisiting and reevaluating our diversity culture.

We encourage applicants across any race, ethnicity, gender/gender expression, age, spirituality, ability, experience and more. If you need any accommodations to make our interview process more accessible to you due to a disability, don't hesitate to let us know. You can learn more here. We can’t wait to meet you.