Head of Application Security (AppSec)
Parity Technologies · Berlin · full-time
Wen wir suchen
About the position (or What you will do)
You would need to:
- be that important link helping security researchers (be that independent auditors, bug bounty hunters or even yourself) and engineers in charge of the code understand each other;
- help teams learn state of the art security practices and embed them into day-to-day work;
- perform a lot of threat modelling and other pre-audit documentation work to help us get most kick for the (quite significant) buck we spend on those audits;
- hone and improve our security-related processes like bug bounty and internal vulnerability response;
- and of course this is not a single-man job, so you’d be building and growing a team to help you with those challenges.
We expect you to:
- know your security tools and approaches: you should be leading our way when setting up SAST, DAST, fuzzing, property-based testing, symbolic execution, network simulation tools and such;
- have exposure to cryptography, decentralized networking, hardware key management solutions;
- have understanding of modern blockchain tech landscape and the new classes of threats it experiences;
- have experience in threat modelling, red/blue teaming, working with best in class independent security teams and turning their findings into actual deployed fixes in our codebase;
- be able to help with hiring, lead the resulting team and set up security practices all around the company;
- be a self-starter: most of the time there would be little guidance on which areas to work on first and what to improve there. You’re expected to determine that yourself, keeping company-wide goals in mind, and drive those initiatives to completion.
And ideally also:
- Rust knowledge;
- Prior work experience in blockchain/cryptocurrency fields;
- located in or willing to relocate to Berlin, Germany;
- A background in open source software development;
- Passionate about Web 3.0 and what it represents for the future;
- Have an interest in Parity and accompanying technologies such as Substrate.
The team at Parity builds core infrastructure to power a better internet. We do this by innovating in and fostering the open source ecosystem surrounding blockchain development, also known as Web 3.0.
Every day we interact with technologies controlled by a handful of large companies whose interests often conflict with our own. Despite that conflict, we still use their software either because many of the benefits seem to outweigh any perceived risk, we feel there is no choice, or there is no better alternative. As a result, we end up granting such companies access to our personal data which, in turn, gives them far-reaching control over our digital lives and in that, unprecedented influence over a multitude of globally impactful initiatives and innovations.
Parity Technologies is a team of the world’s premiere blockchain developers building industry-leading technologies that enable developers to create the next wave of better products and services that respect the freedom and data of individuals. You’ll join at a critical moment when the future of the decentralized web is being shaped, and perform an influential role in making a more equitable society for our future.
We primarily steward the Substrate ecosystem which includes Polkadot and Kusama, both of which are next-generation, sharded, multichain networks. Our flagship product, Substrate, is an open-source modular and extensible blockchain-building framework that allows rapid innovation and fast deployment of custom built blockchains. Substrate provides the core building blocks of blockchains built for deployment to Polkadot and Kusama. Our key programming language is Rust, and all of our work is open source.
Not a perfect match to our requirements? We're happy to receive your application anyways and hear how you think you can help us achieve our mission.
Wer wir sind
At Parity Technologies we maintain and create blockchain software: dealing with P2P networking, consensus algorithms, cryptography, databases, and decentralized applications can be expected. We strive to write the fastest, lightest, and safest core technology in Blockchain and write lots of open-source code. Parity Technologies is based in Berlin and London, but remote work is possible for the right people and we are flexible on location. We are looking for someone experienced with blockchain technologies and related cryptographic and/or similar algorithmically complex systems. You will be responsible for implementing domain-specific research and will be a bridge between research and development. We are doing stuff no one else is doing. Parity works in a very flat hierarchy with lots of autonomy and high levels of personal responsibility, and we try to mimic an open-source workflow in much of what we do.