### _Blockchains will only consider candidates who reside in the U.S. or
Germany and do not require any VISA support._
### OUR VISION
In the new and exciting world of the decentralized internet, otherwise known
as Web3, it is an individual’s fundamental right to own and control their
digital identity. To ensure that the individual is paramount in Web3, we are
developing a suite of applications to enable everyone to safely engage, take
part, and transact in the emerging, decentralized world of the internet. Our
platform centers on Web3 Identity and leverages that identity to provide
individuals with secure digital asset storage and recovery, access to
decentralized finance, the ability to prove ownership of their creations, and
gateways to digital interactions and experiences – all to empower and benefit
every Web3 user.
We believe that the decentralized nature of Web3 creates an opportunity for
everyone to challenge the digital status quo—to own and control their
identity, data, finances, creations, and future. This is the chance to get it
right – to rally a movement of individuals so Web3 belongs to everyone, not to
trillion-dollar companies. To fulfill this vision, we are seeking dynamic
people who want to join us in leading the way to this new world.
### WHAT YOU WILL DO
As a key member of the Cyber/IT team with robust interaction across other
functions – Product, Engineering, and GRC – the DevSecOps Engineer will be
critical to the realization of DevSecOps principles and best practices at
Blockchains. The key responsibility of the role is to provide leadership in
the DevSecOps areas of Vulnerability Scanning, coordination of Remediation
Patching, and other daily Security and Compliance efforts in software
engineering, builds, and deployments. The ideal candidate has tactical skills
in development and IT operations experience as well as demonstrable
cybersecurity savvy –a security-first mindset – and can analyze issues,
articulate solutions, coach/mentor responsibilities for key functional groups,
and catalyze action to advance us on our journey to DevSecOps excellence.
*** _**Managing app-sec lifecycle of architecture, tooling, and operations:_ *
* Working productively with Engineering, Product, and Cyber/IT teams to accelerate momentum for CI/CD pipeline automation – from tooling and governance (process, procedures, and playbooks) perspectives – and motivating app-sec champions to own and drive adherence to standards. Serving as a point of contact for product teams on all such matters.
* Enabling and championing constant refinement in DevSecOps practices, including automation of SAST, DAST, IAST, MAST along with threat modeling, code peer reviews, penetration testing, security remediation, and security monitoring/incident response enablement.
* Directing experience building and maintaining CI/CD pipelines and automating manual processes, preferably in Gitlab.
* Directing experience implementing and maintaining SAST and DAST tools like Sonarqube Sonar, BlackDuck, Snyk, OWASP ZAP, Rapid7 InsightAppSec.
* Assisting in the development, definition, and sustainment of security standards and best practices around a zero-trust approach.
* Aligning cross-functionally on issues and direction, clearly communicated, and mobilize action across teams and per consensus on an action plan to ensure code and operational integrity.
* Responsible for vulnerability management, and core contributor to exception and release management – and driver of applicable reporting across platforms and products.
**Working on cross-functional Cyber/IT, GRC, and Engineering projects:**
* Identifying new tools or innovating on existing provisions, tooling, or procedures, to drive new efficiencies and to augment the impact of DevSecOps capacity and performance.
* Identifying and proposing controls for risks, technical or operational, crafting appropriate governance apparatus for review, refinement, and adoption by team(s) upon approval.
* Serving as a coach to enable security champions and raise awareness – in peer-to-peer training, workshops, or less structured initiatives – of DevSecOps principles and practices and working with team members across functions to drive corresponding tactics.
### WHAT YOU WILL NEED TO SUCCEED
To ensure success, you must have a passion for all things IT, Cybersecurity,
and DevSecOps with a security-first mindset. You are a diligent collaborator
who is equally technical, and business minded. You are knowledgeable in taking
a risk-based approach to prioritize efforts. You can assist in leading efforts
to improve the overall application security program and availability of
systems. You can work with numerous cross-functional teams in a fast-paced,
growing company. Strong verbal and written communication skills. Experience in
blockchain technologies would be a plus.
### YOUR EDUCATION AND EXPERIENCE
You have a bachelor’s degree and 10+ years of experience in the software
industry, IT operations, and cybersecurity, of which at least three in the
prior five years have been in application security or, preferably, DevSecOps.
You possess demonstrated experience with the implementation, operation, and
support of enterprise DevSecOps technologies, and have successfully
served/demonstrated as the go-to person to resolve and prevent security
issues, deriving impactful solutions.
_Blockchains, Inc. (“Blockchains”) is proud to be a diverse workforce, and we
are committed to inclusion and diversity to ensure equal opportunity for all
applicants. Blockchains provides equal employment opportunities to all
employees and applicants regardless of race, color, religion, sex, sexual
orientation, gender identity and/or expression, national origin, age, marital
status, physical or mental disability, veteran status, or any other
characteristic protected by federal, state, or local laws._
_When you apply to a job on this site, the personal data contained in your
application will be collected by Blockchains, Inc. (“Controller”), which is
located at 610 Waltham Way, Sparks, NV 89437 and can be contacted by
emailing[[email protected]](mailto:[email protected]).
Controller’s data protection officer is Edward O'Connor, who can be contacted
at [[email protected]](mailto:[email protected]). Your personal
data will be processed for the purposes of managing Controller’s recruitment
related activities, which include setting up and conducting interviews and
tests for applicants, evaluating and assessing the results thereto, and as is
otherwise needed in the recruitment and hiring processes. Such processing is
legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General
Data Protection Regulation) as necessary for the purposes of the legitimate
interests pursued by the Controller, which are the solicitation, evaluation,
and selection of applicants for employment._
*Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards under [either the standard contractual clauses or the Privacy Shield]. You can obtain a copy of the standard contractual clauses by contacting us at [[email protected]](mailto:[email protected]). *
_Your personal data will be retained by Controller as long as Controller
determines it is necessary to evaluate your application for employment. Under
the GDPR, you have the right to request access to your personal data, to
request that your personal data be rectified or erased, and to request that
processing of your personal data be restricted. You also have to right to data
portability. In addition, you may lodge a complaint with an EU supervisory
authority._
Blockchains focuses on Blockchains and Blockchain / Cryptocurrency. Their
company has offices in Reno, Nevada, Sparks, and Remote. They have a mid-size
team that's between 51-200 employees.
You can view their website at <https://www.blockchains.com/>
