Senior Application Security Architect

Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange by trading volume and registered users. We are trusted by over 250 million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.

• Design and implement secure application architectures, considering factors like authentication, authorization, data protection, and vulnerability management etc.
• Develop and maintain secure coding guidelines and standards.
• Conduct architectural / security requirement reviews to identify/assess potential security risks and mitigate security risks that may be caused by new products, new functions, bug fixes, etc..
• Develop and implement security controls and countermeasures to mitigate identified risks.
• Conduct regular security audits or penetration testing.
• Ensure compliance with relevant security standards and regulations (e.g., OWASP).
• Stay up-to-date with the latest security threats and vulnerabilities and incident in the community etc.
• For the company's product business area, conduct pre-research to deep understand the business and reserve security tech research
• Gradually form a basis for risk identification based on different products and security solution
• Communicate security risks and recommendations to stakeholders.
• Provide guidance and mentorship to the teams on security suggestions and secure coding practices. 

• A bachelor's degree or above in computer science or a related field
• More than 6 years of application security experience or software development, more than 10 years is preferred
• Strong understanding and execution of software development principles and SDLC
• Proficient in mainstream Web application development technology, Java-based tech stack is preferred
• Proficient in the causes and solutions of OWASP TOP 10 security issues
• Proficient in technical implementation of common security solutions
• Understand the basic techniques of penetration testing and security testing
• Familiar with the use of static security scanning tools for code, as well as problem analysis and solution design
• Understand the basic knowledge of mobile and web security
• Systematically grasp the formation mechanism of application security vulnerabilities and have the ability to design corresponding solutions (in line with industry best security practices)
• Understand the thinking of threat modeling and attack surface analysis, actual combat experience is preferred
• Bilingual English/Mandarin is required to be able to coordinate with overseas partners and stakeholders.
• Ability to work independently and as part of a team.
• Strong problem-solving and analytical skills.

Why Binance

• Shape the future with the world’s leading blockchain ecosystem

• Collaborate with world-class talent in a user-centric global organization with a flat structure

• Tackle unique, fast-paced projects with autonomy in an innovative environment

• Thrive in a results-driven workplace with opportunities for career growth and continuous learning

• Competitive salary and company benefits

• Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.

By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice.