1. Home
  2. Application Security Engineer

Offers “Station F”

New
Station F

Application Security Engineer

  • CDD
  • Paris (Paris)
Apply Now

Job description

About

Dfns is the leading Wallets-as-a-Service (WaaS) platform that helps fintechs, institutions, and enterprises worldwide simplify digital asset management and securely bring users into crypto. Our API-first approach has made Dfns the most popular developer platform to configure, automate and orchestrate digital asset applications and operations at scale. Powered by advanced security and cryptography, Dfns serves as the reliable multichain wallet backend for top players in banking, payments, trading, lending, tokenization and other financial services.

Trusted by clients like ABN AMRO, Fidelity, Standard Chartered, Stripe, and more than 100 fintechs, Dfns has created over 10 million wallets and secures $1 billion in monthly transactions with a perfect record: no hacks, no lost keys. Incubated by Techstars and Station F, Dfns has raised $28M from investors like Further Ventures, White Star Capital, Motive Partners, Bpifrance, Susquehanna, Coinbase, Semantic, Wintermute, Figment, Motier, Hashed, 6MV, and others.

Job Description

Join a team of experts to build the leading blockchain wallet infrastructure for the next financial era. As an Application Security Engineer, you report to our CISO and lead application security efforts. We’re looking for a seasoned security engineer to identify and mitigate risks, address vulnerabilities, and protect  client data. You will assess security risks, detect threats, and implement mitigation strategies while ensuring compliance with security policies. Advanced knowledge of API security, web based vulnerabilities, penetration testing , and defense-in-depth strategies is essential. The ideal candidate is passionate about security, finance and blockchain with broad expertise and a proactive approach to safeguarding systems and sensitive data. This role offers the opportunity to make a significant impact on our security posture in a fast-paced environment. Your goal: protect our software, while building security features on time .

Preferred Experience

Responsibilities

· 
Contribute to the team’s vision for building secure and reliable products, setting roadmap priorities, and meeting deadlines with high-quality outcomes.

· 
Introduce innovative solutions to address application security challenges.

· 
Conduct security reviews, including code reviews, design reviews, and dynamic testing.

· 
Implement security and cryptography solutions.

· 
Identify design flaws and logical vulnerabilities.

· 
Develop and maintain a threat modeling framework.

· 
Guide software engineers on security best practices.

· 
Manage application security vulnerabilities.

· 
Support the bug bounty program and prepare security releases.

· 
Develop automated security tests to ensure secure coding practices.

· 
Assist in penetration testing and collaborate with external penetration testing firms.

· 
Oversee the Secure Software Development Lifecycle (SSDLC).

· 
Design, research, and execute attacks to improve defensive strategies.

· 
Publish blog posts and present at security conferences on discovered vulnerabilities.

· 
Stay abreast on developments in crypto and blockchain to guide strategic goals.

Requirements

· 
8+ years of experience as a Security Engineer or in a similar role.

· 
2+ years of experience in crypto, working on blockchains.

· 
Bachelor's degree or higher in computer science or similar field.

· 
Familiarity with securing APIs and smart contracts.

· 
Familiar with security libraries, controls, and common vulnerabilities.

· 
Ability to assess and prioritize threats based on potential impact.

· 
Strong understanding of supply chain attacks.

· 
Experience with penetration testing tools and methodologies.

· 
Familiarity with static and dynamic application security testing tools .

· 
Deep knowledge of network and web protocols.

· 
Expertise in secure networking implementation and applied cryptography.

· 
Experience with vulnerability management processes.

· 
Familiar with cloud security best practices.

· 
Ability to work collaboratively with development, DevOps, and product teams.

· 
Knowledge of industry standards like ISO 27001, NIST, or CIS.

· 
Understanding of compliance requirements such as GDPR, SOC 2, or PCI DSS.

· 
Hands-on experience with secure coding practices and secure software development lifecycle (SSDLC).

· 
Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.

· 
Experience with Typescript and Rust (or similar languages).

· 
Relevant certifications are a plus (e.g., CISSP, CEH, OSCP, GWAPT).

Recruitment Process

Process

· 
Intro call with Co-CEO (30 min).

· 
Personality and cognitive tests (30 min).

· 
Interview with CISO (30 min).

· 
Coding test in a language of your choice.

· 
Focus interview with hiring panel (90 min).

· 
Reference calls and background checks.

Terms

· 
Title: Application Security Engineer

· 
Salary: 120,000-160,000 per year (full-time work contract).

· 
Equity: 300-600 stock options (i.e., 0.1-0.2%) vested over 4 years.

· 
Location: France or EU (fully remote with optional access to office)

· 
Equipment: MacBook Pro and other work essentials.

Additional Information

·  Contract Type: Full-Time
·  Location: Paris
·  Education Level: Bachelor's Degree
·  Experience: > 7 years
·  Possible full remote
·  Salary: between 120000 and 160000 / year

Make every future a success.
  • Job directory
  • Business directory
    •