Application Security Engineer

The world of digital assets is accelerating in speed, magnitude, and complexity, opening the door to new ways for leveraging the blockchain. Fireblocks’ platform and network provide the simplest and most secure way for companies to work with digital assets and it trusted by some of the largest financial institutions, banks, globally-recognized brands, and Web3 companies in the world, including BNY Mellon, BNP Paribas, ANZ Bank, Revolut, and thousands more. 

Application Security Engineer

About the Team

We’re seeking an Application Security Engineer to help enhance the security of our development and deployment lifecycle. In this role, you’ll work closely with engineering, DevOps, and security teams to embed security into every stage of the CI/CD process. You’ll manage and fine-tune security tools, define policies, and help orchestrate automation workflows that scale with our development practices.

What You’ll Do

• CI/CD Security Hardening
  Improve and secure our continuous integration and deployment pipelines.
• Security Tooling Management
  Operate, fine-tune, and customize tools like Snyk, Apiiro, and other AppSec platforms to reduce false positives and enhance threat detection
• Policy Definition
  Collaborate with cross-functional teams to develop practical, enforceable CI/CD security policies.
• Security Orchestration & Automation
  Build and maintain automated playbooks and workflows using orchestration platforms like Torq to support incident response and alert management.

Vulnerability prioritization

Collaborate with development, operations, and security teams to identify and prioritize security vulnerabilities/issues and requirements and integrate security controls into the development lifecycle.

Secure Code Review
Perform or support manual and automated secure code reviews, especially for high-risk components, and provide actionable remediation guidance to developers.

What You’ll Bring

• 2–5 years of experience in security engineering, DevSecOps, or a similar role
• Hands-on experience with modern CI/CD tools (GitHub, GitLab, ArgoCD, etc.).
  Familiarity with SCA/SAST/DAST/orchestration tools, such as Apiiro, Torq and Snyk
• Strong understanding of Git workflows and source control best practices
• Basic cloud knowledge (AWS or Azure preferred)
• Solid scripting skills (Python, NodeJS, or similar) are a plus
• Comfortable collaborating with developers and DevOps engineers to solve real-world security challenges
• In-depth understanding of security principles, best practices, and industry standards (e.g., OWASP, NIST, ISO 27001)
• Strong problem-solving and analytical skills, with the ability to identify and mitigate security risks
• Excellent communication and collaboration skills, with the ability to work effectively in cross-functional teams
• Bachelor’s degree in Computer Science, Information Security, or a related field (Nice-To-Have)
• Crypto enthusiasm (Nice-To-Have)

Why You’ll Love It Here

• A chance to own and grow our AppSec processes in a collaborative and supportive environment.
• Exposure to modern tools and real-world challenges in scaling security.
• Work alongside experienced security engineers and DevOps professionals.
• Opportunity to grow toward senior responsibilities with mentorship and support.
  
  

Fireblocks' mission is to enable every business to easily and securely access digital assets and cryptocurrencies. In order to do that, we strongly believe our workforce should be as diverse as our clients, and this is why we embrace diversity and inclusion in all its forms. 

Please see our candidate privacy policy here.