We are the security engineering team, skilled in cybersecurity, cloud security, application security, and regulatory compliance. Our global distribution allows us to leverage unique experiences and skillsets to build and operate security services that safeguard our platform. We prioritize a proactive approach to prevent security issues and stay ahead of potential threats, ensuring the continuous protection of our services. The Product Security Engineer is responsible for designing and implementing robust security frameworks to protect our software and infrastructure. This role involves conducting regular security assessments, including Cloud, Kubernetes, and our Products, to identify and address vulnerabilities. Additionally, the engineer will collaborate with development teams to integrate security practices throughout the software lifecycle, ensuring that all products meet the highest security standards before deployment. In this role, you’ll: Conduct penetration testing and security assessments to identify vulnerabilities and ensure robust security measures. Develop and maintain custom security tools and scripts to automate and enhance security processes. Collaborate with development teams to integrate secure coding practices and solutions into both front-end and back-end systems. Review and improve security within CI/CD pipelines, integrating tools like SonarCloud and Wiz for continuous security assurance. Perform security audits and code reviews, offering guidance through pull requests and collaborative sessions. Analyze and address security issues by providing expert advice and actionable solutions to maintain the integrity of applications. We’re looking for candidates who have: Experience working within a Security Engineering team. Hands-on experience in penetration testing and security assessments, with a strong ability to identify and mitigate vulnerabilities. Excellent communication skills, both verbal and written, for effective collaboration with cross-functional teams. Proficiency with security tools like Burp Suite, Sonarcloud, Jfrog, and Wiz. Ability to create custom scripts using Python to enhance automation. Proficient coding skills with a focus on security, particularly in Java, Python or Go. In depth knowledge of cloud security practices, specifically on platforms such as AWS or GCP. Experience integrating security tools into CI/CD pipelines, and a demonstrated ability to automate security testing within development workflows. Nice to have experience: Familiarity with blockchain or cryptocurrency security challenges and solutions. Experience with Infrastructure as Code (IaC), particularly reviewing and securing Terraform code. Certifications such as CISSP, OSCP, or similar credentials, demonstrating a formalized knowledge of security principles and practices. Technologies we use and teach: Coding Languages: Java, Python, and Javascript IaC: Terraform Cloud: AWS, GCP, Cloudflare CI/CD Pipeline: GitHub, GitHub Actions, Jenkins APIs: REST APIs About Chainalysis Blockchain technology is powering a growing wave of innovation. Businesses and governments around the world are using blockchains to make banking more efficient, connect with their customers, and investigate criminal cases. As adoption of blockchain technology grows, more and more organizations seek access to all this ecosystem has to offer. That’s where Chainalysis comes in. We provide complete knowledge of what’s happening on blockchains through our data, services, and solutions. With Chainalysis, organizations can navigate blockchains safely and with confidence. You belong here. At Chainalysis, we believe that diversity of experience and thought makes us stronger. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. Some of the ways we’re ensuring we keep learning are an internal Diversity Committee, Days of Reflection throughout the year including International Women’s Day, Harvey Milk Day, World Humanitarian Day, and UN International Migrants Day, and a commitment to continue revisiting and reevaluating our diversity culture. We encourage applicants across any race, ethnicity, gender/gender expression, age, spirituality, ability, experience and more. If you need any accommodations to make our interview process more accessible to you due to a disability, don't hesitate to let us know. You can learn more here. We can’t wait to meet you.