Director - Application Security

  • Security
  • Bangalore/Mumbai, India

Job description


About CoinDCX

CoinDCX is India's largest & safest crypto exchange, with a dedicated focus on making crypto accessible. Established in 2018, CoinDCX has solved numerous problems faced by the Indian crypto community with investing and trading solutions for crypto-based financial products for retail, HNI, and enterprise customers. It is our ultimate goal to provide the best of the crypto space with the simplest and most secure solutions. Insured by BitGo and ISO Certified, CoinDCX is now India’s first Crypto Unicorn!


Imagine,

India’s cryptocurrency markets are booming, and post the SC verdict, the industry has grown manifold. More Indians want to join this exciting new industry. However, they are unsure how to enter or who should be their partner to help them grow in this space. You help them in their journey. You introduce them to a brand that is built for them and gain their trust. You make this happen. You make a difference.


Make a difference by,

  • Technical Skills
    • Familiar with common security libraries, security controls, and common security flaws that apply to Ruby on Rails and NodeJS applications.
    • Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond).
    • Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP.
    • Knowledge of browser-based security controls such as CSP, HSTS, XFO.
    • Experience with standard web application security tools such as Arachni, Brakeman, and BurpSuite.
    • Participate in development of CoinDCX with the dev team.
  • Build code quality programs
    • Proactively identify and reduce security risks.
    • Find and remove outdated and vulnerable code and code libraries.
  • Communication
    • Consult with other Developers and Product Managers to analyse and propose application security standards, methods, and architectures.
    • Handle communications with independent vulnerability researchers and design appropriate mitigation strategies for reported vulnerabilities.
    • Educate other developers on secure coding best practices.
    • Ability to professionally handle communications with outside researchers, users, and customers.
    • Ability to communicate clearly on technical issues.
  • Performance & Scalability
    • An understanding of how to write code that is not only secure but scales to a large number of users and systems.

Job requirements

  • 12 years of experience working in information security, specialised in application security, with a broad understanding of SAST, DAST, and developer education and awareness programs.