Senior Application Security Engineer
Stellar Development Foundation
San Francisco
$185k – $275k
Posted 27 March 2026
Job Description
Interested in working on cutting-edge blockchain technology and creating equitable access to the global financial system? Since 2014, the mission-driven team at the Stellar Development Foundation (SDF) has helped fuel the tremendous growth of the Stellar blockchain network, an open-source platform that operates at high-scale today. Developers and companies around the world build on it, and the SDF team is expanding to support the rapidly growing and changing Stellar ecosystem.
SDF is looking for a Senior Security Engineer to help shape and scale the security program across the Stellar ecosystem. This isn't a policy role; it’s an operational one. You will be responsible for executing the core technical work that keeps the network and its users safe: vulnerability management, bug bounty orchestration, incident response, and detection engineering.
In this role, you will:
Vulnerability Management & AppSec
- Orchestrate Scanning: Own the end-to-end lifecycle of our security stack (Wiz/Orca, Trivy/Grype, Semgrep/CodeQL, and Socket). You’ll manage schedules, tune outputs to reduce noise, and partner with engineering to drive remediation.
- Manual Assessments: Conduct deep-dive security reviews of SDF codebases, APIs, and infrastructure configurations on a regular cadence.
- Supply Chain & SBOMs: Monitor dependencies for newly disclosed CVEs using Dependabot and Socket; maintain and automate our Software Bill of Materials (SBOM) workflows.
- Third-Party Audits: Manage external audits from scoping to final report—handling info-sharing, findings intake, and public-facing remediation summaries.
Detection & Incident Response
- Incident Leadership: Act as the lead for security incidents, managing triage, containment, forensics, and stakeholder communication through to resolution.
- Detection Engineering: Dig through logs and investigate anomalies in the SIEM. You will write, tune, and maintain detection rules to ensure our alert library remains relevant and actionable.
- Forensics & Hunting: Perform deep-dive forensic work (log reconstruction, lateral movement analysis) and run proactive threat-hunting exercises based on current intel.
- Operational Readiness: Maintain IR playbooks and detection runbooks, ensuring they are updated with "hard-won" learnings after every significant event.
Ecosystem & Community
- Bug Bounty Orchestration: Manage SDF’s programs on HackerOne and Immunefi. You’ll triage submissions, calculate CVSS scores, coordinate with engineering for validation, and manage researcher payouts.
- Community Engagement: Represent SDF in community forums and at conferences, sharing insights derived from real operational work rather than hypotheticals.
- Developer Enablement: Write and maintain "paved road" security guidance for Stellar and Soroban developers, including secure coding standards and threat model templates.
You are:
- The 5+ Year Veteran: You have a decade of experience across SecOps, AppSec, or Detection Engineering, with a proven track record of owning high-volume security programs.
- The SIEM Expert: You are proficient in writing complex detection logic and managing alert fatigue in platforms like Splunk, Elastic, or Chronicle.
- The Battle-Tested Responder: You’ve led high-pressure incidents through the entire lifecycle, from initial "bump in the night" to the final post-mortem.
- Cloud Native: You are comfortable auditing AWS environments (IAM, VPC, logging) using tools like Prowler, Steampipe, or cloud-native APIs.
- Tech Stack Proficient: You have hands-on experience with the modern security stack: Wiz, Semgrep, CodeQL, tfsec, and osquery.
- Communication Pro: You can translate a complex exploit into a clear risk assessment for leadership and a "how-to-fix" guide for engineers.
Bonus points if you have:
- Experience with the Stellar protocol, XDR, Horizon API, or the Soroban (Rust/WASM) smart contract ecosystem.
- Deep knowledge of eBPF-based runti ... (truncated, view full listing at source)