Staff Application Security Engineer

We are in search for an Application Security Engineer, Staff (m/f/d) to join our Security Team. In this role, you'll help shape and guide the security strategy aligned to international standard and regulatory practices across Affinidi's various workstreams and products. This includes conducting security assessments, leading application security design reviews, and overseeing threat modelling. Your technical leadership will be crucial in ensuring the successful development of a scalable and resilient holistic identity system. The location is in Berlin.

Our work culture at Affinidi is shaped by the following tenets:

• We are unapologetically customer-focused
• We invest in cultures and teams to enable high performance
• We embrace experimentation and build fast
• We have the courage to be misunderstood
• We work together to unlock data

What's in it for you:

• Driving security strategy across all the workstreams and products the teams are working on, while having a direct influence on technical design through architecture design reviews.
• Providing security assessments of Affinidi products, that includes a lot of backend services, web, mobile and desktop applications
• Providing technical leadership and subject matter expertise as a security expert to our teams with a strong focus on product security and secure design principles
• Executing and technically leading application security reviews and threat modelling, including code review and dynamic testing
• Enabling and enhancing automated security testing at scale for our entire platform to identify and proactively resolve vulnerabilities
• Supporting compliance of information security frameworks and standards, including ISO27001, OWASP, and NIST CSF
• Creating and delivering comprehensive training programs to enhance the organization's security posture, including the ability to create and foster a strong security culture among different teams and stakeholders
• Designing, architecting, developing, and deploying tooling that helps ship secure code faster
• Driving security issues remediation and incident response process to ensure risks and compliances are managed
• Working in an exciting startup environment where you can be autonomous and try new things
• Providing leadership and mentorship to engineers to ensure the successful delivery of a scalable and resilient holistic identity system.

Do you have experience in macOS?, * Have 7+ years of experience of relevant experience for the role

• Love writing and shipping code and strive for security excellence
• Have vast experience in Security, Software Engineering and Secure Architecture design
• Have strong development skills
• Have extensive expertise in cloud computing and native environments (AWS preferred) including the management of risks and vulnerabilities
• Understand design patterns and have working experience in developing and deploying microservices in the cloud
• Have strong experience in product security, including reviewing architecture decisions and guiding teams toward secure design
• Have a good understanding of Offensive security practices and techniques.
• Have a proactive, hands-on approach, with a knack for tackling technical challenges and driving solutions with a high level of expertise and impact
• Experience with information security frameworks, international standards, and regulations

Our Stack is:

• Javascript/Typescript/Node.js/Python/Rust/React/Dart
• Gitlab
• AWS
• IOS/Android
• MacOS/Windows

Bonus points if:

• You have experience with applied cryptography
• You have experience with decentralized technology
• You have experience with data privacy & data security implementations on blockchain & distributed platforms for individuals & organizations

• Hybrid working model
• Flexible working hours
• Unlimited vacation policy
• Competitive compensation package
• Work within international environment
• Learning Budget