NodeJS Application Security Engineer - Ava Labs Brooklyn, New York, United States Bookmark Share Print 115 0 0

Listing Description



In a perfect world, there would be an application security engineer for each department.  We are looking for an Application Security Engineer to focus on our Frontend and to be that security expert!


 



  • Since frontend development is a fast-moving field, the successful candidate must be able to keep pace with developments and make risk assessments of new tools and security recommendations for their use


What You Will Do



  • Work with frontend developers and product owners to ensure secure design and development of applications

  • Be the NodeJS/Javascript/Frontend technology security expert to the team and effectively communicate information to technical and non-technical team members

  • Recognize security needs and recommend suitable technologies and controls

  • Design and build security tools integrated with the CI/CD pipeline

  • Actively provide technical security direction to frontend developers of the team

  • Respond to security alerts


What You Will Bring



  • 5+ years of relevant experience

  • Strong foundation and in-depth technical knowledge of application security, with an emphasis on front-end, web application, and mobile security

  • Must be able to keep pace with frontend developments and make risk assessments and security recommendations of new tools

  • Know the OWASP Top 10 by heart, and are eager to discover their equivalent in Web 3.0

  • Experience in threat modeling system designs and implementation—how they scale, how they should fit together, and how they’re likely to break

  • Experience in design reviews and conducting code reviews with an eye for security vulnerabilities

  • Experience in triaging findings from security tools, bug bounty programs, and the external research community

  • Proficient in one or more programming languages (Node.js/Javascript, Golang experience also looked upon favorably)

  • Ability to analyze and solve complex problems

  • OSCP gets our attention, but is not required

  • Solidity / smart contract experience would be a big plus, as Web 3.0 Javascript interacts heavily with smart contracts (What's your Ethernaut score?)

  • Nice to have - security experience in Web3.0. and typescript




#LI-Remote #LI-TW1



Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Useful Links

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765

requests@ninjajobs.org
www.ninjajobs.org
Chat with us!