Senior Application Security Engineer

Turnkey

Completely RemoteFull TimeInformation Technology
Posted Today

Job description

About the Company

Turnkey builds secure, developer-first infrastructure for private key management, making it simple to create wallets, sign transactions, and automate on-chain actions through one elegant API. Founded by the team behind Coinbase Custody, Turnkey's mission is to secure the open internet by making strong cryptography and key management the default.

Responsibilities

  • Partner with Product and Engineering during design and development to implement features securely
  • Conduct security reviews, threat modeling, and security assessments for new features and systems
  • Audit and surface vulnerabilities in current products
  • Develop and improve automated tooling to scale product security capabilities
  • Build application guardrails to enable secure development by default
  • Investigate and remediate security issues, vulnerabilities, and incidents
  • Embed a culture of secure development across the engineering organization

Requirements

  • Bachelor's degree in Computer Science, Engineering, or a related field
  • 5+ years of experience in application or product security
  • Strong understanding of web, mobile, and cryptographic security fundamentals (OWASP Top Ten, SANS/CWE Top 25)
  • Proficiency in TypeScript/JavaScript, Go, or Rust
  • Hands-on experience with security testing tools (static/dynamic analysis, pen testing)
  • Strong understanding of cloud, containerized, and runtime environments (AWS, GCP, Docker, Kubernetes)
  • Experience embedding security early in the SDLC

Preferred Qualifications

  • Familiarity with crypto or DeFi systems and their unique security challenges
  • Familiarity with threat modeling frameworks and cloud-native security tooling

Benefits

  • Full benefits including medical, dental, vision, life, disability, HSA/FSA, and 401(k)
  • Paid parental leave
  • Unlimited PTO
  • $3,000/yr learning and development budget
  • Multiple team offsites per year
  • Macbook Pro laptop
  • Lunch stipend (for NYC office)

Skills & tools

TypeScriptGoRustAWSKubernetes

What the team is looking for

Use this list as a quick fit check before you apply.

  1. 01Bachelors degree in Computer Science or related field
  2. 025+ years application security experience
  3. 03Proficiency in TypeScript, Go, or Rust
  4. 04Experience with AWS, GCP, Docker, or Kubernetes
  5. 05Knowledge of OWASP Top Ten
ScoutJobsAd

Wake up to a shortlist, not a search results page.

ScoutJobs scores every new listing against your CV, salary floor and visa. A handful of real matches by morning.

Get your daily matches