About the job
Pundi X is a blockchain-based fintech company with a mission to make blockchain technology accessible to everyone. We operate globally in 7 different countries. All of our team members are technology focused with a broad spectrum of expertise from coding to finance and from marketing to legal and regulatory. Our products have been shipped to over 30 countries including Argentina, Brazil, El Salvador, South Korea, Turkey, Taiwan, Uganda, the USA and more. We have grown from 15 people in 2017 to nearly 100 in 2022.
We are proud to be a community-driven project and we have a very strong and engaged community across social media platforms. We are honored to be listed among the top 50 most intriguing emerging Fintech companies by KPMG in 2018. Pundi X headquarters operates in compliance with Singapore’s Payment Services Act and the Regulations of the Monetary Authority of Singapore. Pundi X has been granted an exemption from holding a license under that Act for our specific payment services while our license application is under review. Pundi X is a founding member of Asosiasi Blockchain Indonesia and also active in other blockchain associations globally.
We are looking for people to join our team who are passionate, result-driven professionals and willing to learn and grow with the company. Pundi X offers a fast-paced, innovative environment where you will be provided the tools, resources and outstanding leadership to promote cryptocurrency adoption and blockchain-based services. Join us and take your career to the next level!
- Perform application security-focused code reviews.
- Developing and maintaining web3 application security policies and procedures.
- Support and consult with development teams in the area of application security, including threat modelling and app sec reviews.
- Conduct penetration testing and vulnerability scanning, perform security review of application related, ensuring compliance to MAS TRM guidelines.
- Develop or make use of manual/automated scanning/monitoring tools for detecting vulnerabilities, smart contracts and blockchain and signal risk warnings to the relevant team
- Implementing the bug bounty program
What you’ll need
- Degree in Computer Science or related fields
- Minimum of 2 years of experience or 5 years above for senior level in application security or related fields
- Familiar with OWASP Top 10 and Mitre Attack Framework
- Knowledge on risk assessments & MAS TRM Guidelines
- Outside-the-box thinking to anticipate possible threats
- Interest in expanding into blockchain and crypto
- Public profiles such as bugcrowd, hackerone, hackthebox, etc.
What you might want to know
- We encourage white or black hats to join us.
- Security Certifications such as OSWE, OSEP, GWAPT an advantage
- Cryptographic knowledge is a plus.
- Based or able to relocate to Singapore.
- If you exhibit strong security or hacking skills, you may apply regardless of age, location, qualifications.
Please send your CV entitled “Application Security Engineer” to [email protected] Join us!