Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange by trading volume and registered users. We are trusted by over 250 million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.
Responsibilities
Design and implement secure application architectures, considering factors like authentication, authorization, data protection, and vulnerability management etc. Develop and maintain secure coding guidelines and standards. Conduct architectural / security requirement reviews to identify/assess potential security risks and mitigate security risks that may be caused by new products, new functions, bug fixes, etc.. Develop and implement security controls and countermeasures to mitigate identified risks. Conduct regular security audits or penetration testing. Ensure compliance with relevant security standards and regulations (e.g., OWASP). Stay up-to-date with the latest security threats and vulnerabilities and incident in the community etc. For the company's product business area, conduct pre-research to deep understand the business and reserve security tech researchGradually form a basis for risk identification based on different products and security solutionCommunicate security risks and recommendations to stakeholders. Provide guidance and mentorship to the teams on security suggestions and secure coding practices. Requirements
A bachelor's degree or above in computer science or a related fieldMore than 6 years of application security experience or software development, more than 10 years is preferredStrong understanding and execution of software development principles and SDLCProficient in mainstream Web application development technology, Java-based tech stack is preferredProficient in the causes and solutions of OWASP TOP 10 security issuesProficient in technical implementation of common security solutionsUnderstand the basic techniques of penetration testing and security testingFamiliar with the use of static security scanning tools for code, as well as problem analysis and solution designUnderstand the basic knowledge of mobile and web securitySystematically grasp the formation mechanism of application security vulnerabilities and have the ability to design corresponding solutions (in line with industry best security practices)Understand the thinking of threat modeling and attack surface analysis, actual combat experience is preferredBilingual English/Mandarin is required to be able to coordinate with overseas partners and stakeholders.Ability to work independently and as part of a team.Strong problem-solving and analytical skills. Why Binance
• Shape the future with the world’s leading blockchain ecosystem
• Collaborate with world-class talent in a user-centric global organization with a flat structure
• Tackle unique, fast-paced projects with autonomy in an innovative environment
• Thrive in a results-driven workplace with opportunities for career growth and continuous learning
• Competitive salary and company benefits
• Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)
Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.
