United States or Canada USD 169,150 - 195,000 Yearly

Paxos is hiring an Application Security Engineer

About the Role

Secure critical financial and blockchain systems by combining hands-on security analysis with engineering solutions that scale. In this role, you'll focus on proactively identifying risks across web applications, APIs, cloud environments, and blockchain integrations, ensuring resilience against evolving threats.

Key Responsibilities

Conduct in-depth security assessments of applications, APIs, and cloud infrastructure to uncover potential weaknesses before exploitation.
Design and implement security tooling in Go, Java, or Ruby to empower developers with secure coding practices and real-time feedback.
Support blockchain development by evaluating security risks in Layer 1 and Layer 2 integrations, as well as smart contract interactions.
Configure and optimize Web Application Firewalls and cloud-native security controls across AWS and GCP environments.
Embed security into the software development lifecycle by building automated checks within CI/CD pipelines using GitHub Actions, GitLab CI, or Jenkins.
Lead threat modeling sessions during feature design to identify and mitigate risks early in the development process.
Track vulnerabilities from detection through resolution, coordinating with engineering teams to implement effective, lasting fixes.
Strengthen organizational security posture through developer education and participation in incident response activities.

What You Bring

Demonstrated experience in manual security testing and securing production-grade systems.
Strong understanding of OWASP Top 10, API security risks, and common vulnerability patterns (CWE).
Proven background integrating security automation into CI/CD workflows.
Familiarity with cloud security on AWS or GCP, including IAM policies, network isolation via VPCs, and WAF configuration.
Proficiency in at least one of the following languages: Go, Java, or Ruby.

Impact

You’ll help maintain the integrity of systems that power next-generation financial services. By building secure, scalable infrastructure and enabling secure development practices, you contribute directly to protecting digital assets, customer funds, and sensitive financial data in a rapidly evolving technological landscape.

Required Skills

Application SecurityManual Security TestingOWASP Top 10CWEAPI SecurityCI/CD SecurityAWS IAMGCP IAMAWS VPCCloud WAFGoJavaRubyAWSGCP GoJavaRubyOWASP Top 10CWEAPI securityGitHub ActionsGitLab CIJenkinsAWSCI/CDmanual security testingIAMVPC

Scaling your freelance income?

Invoice multiple clients effortlessly

Managing 3+ international clients? Glopay streamlines everything. One EU company, unlimited invoices, automatic compliance. You just send and get paid.

Unlimited clients & invoices

Multi-currency support

Automated tax compliance

Client portal for easy payments

Scale with Glopay

Trusted by 10,000+ freelancers

About company

Paxos rebuilds financial infrastructure to open the world's financial system to everyone. For over a decade, we’ve built blockchain infrastructure that tokenizes, custodies, trades and settles assets for the world’s leading financial institutions, like Mastercard, Visa, Robinhood, and PayPal.

All jobs at Paxos Visit website

Job Details

Department Information Technology

Category security

Posted 3 months ago