Skip to content

Security QA (100% Remote)

  • Remote
    • Hà Nội, Hà Nội, Vietnam
    • Jakarta, Jawa, Indonesia
    • Singapore, Central Singapore, Singapore
    • Bangkok, Krung Thep Maha Nakhon, Thailand
    +3 more
  • Engineering

Job description

We're on a mission to create the most innovative and industry-leading cryptocurrencies exchange.


Our team is globally distributed and fully remote, so excellent English communication skills are critical for when we collaborate together to develop, support, and deliver the best platform possible for our users. If you get excited about being in an industry that is breaking new ground and have a disposition of confidence towards challenging technical feats and learning new and complex products, we want to talk to you.


We’re looking for a Security QA to play a crucial role in ensuring the security and integrity of the exchange platform and its associated services & products.


Our team is globally distributed and fully remote, so excellent English communication skills are critical. The position of Security QA involves detecting and evaluating the security measures and vulnerabilities within our desktop, web, and API products. The primary goal is to identify and mitigate security risks to safeguard customer assets, and maintain the company's reputation for trustworthiness and reliability.


Key Responsibilities:

  • Security Testing:
    • Conduct comprehensive security testing on Desktop / Web / API products to identify vulnerabilities, security flaws, and potential risks.

    • Use various security testing tools, methodologies, and techniques to evaluate API endpoints and data exchanges.

  • Vulnerability Assessment:
    • Perform security assessments to identify and prioritize potential vulnerabilities, such as authentication issues, injection attacks, and data leakage.

    • Document and report identified vulnerabilities and provide recommendations for remediation.

  • Penetration Testing:
    • Conduct penetration testing to simulate real-world attacks.

    • Analyze our products' resilience to common attack vectors and security threats.

  • Privilege Scope and Escalation:
    • Analyze our products for horizontal / vertical privilege escalation vectors.

    • Analyze access levels to determine if the scope and request limits are sufficient and secure.

  • Test Case Creation:
    • Develop detailed test cases and test scenarios to systematically evaluate the products' security posture.

    • Collaborate with the development and security teams to establish testing criteria and requirements.

  • Security Tools and Methodologies:
    • Stay up-to-date with the latest security testing tools, techniques, and industry best practices.

    • Implement security testing methodologies, including OWASP Top Ten and other relevant standards.

  • Reporting and Documentation:
    • Create clear and concise security assessment reports that highlight findings and recommendations for remediation.

    • Collaborate with the development and security teams to ensure vulnerabilities are properly addressed and resolved.

  • Continuous Monitoring:
    • Implement ongoing monitoring and testing to identify new security threats and vulnerabilities.

    • Assist in the development and implementation of security policies and procedures.

Job requirements

  • Bachelor's degree in a related field or equivalent work experience.

  • Knowledge of cryptocurrency technology, and the cryptocurrency exchange ecosystem.

  • Proficiency in Desktop / Web / API security testing methodologies and tools.

  • Familiarity with security standards, such as OWASP, NIST, and ISO 27001.

  • Knowledge of penetration testing techniques and tools.

  • Strong analytical skills and attention to detail.

  • Excellent communication and documentation skills.

  • Ability to work independently and collaboratively with cross-functional teams.

  • Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) are a plus.


A Security QA Tester is a critical role in safeguarding the assets and trust of customers on the platform. Your efforts will contribute to the overall security and integrity of the exchange, ensuring a safe and reliable environment for trading and financial transactions in the cryptocurrency space.

or