Application Security Business Partner

EMCD is a leading technology company in the crypto industry, best known as the largest mining pool in Eastern Europe. We are expanding globally and building a comprehensive ecosystem of crypto services, including payment infrastructure, custody, mining solutions and enterprise-grade tools for businesses and institutions.

We are looking for an experienced Application Security Business Partner to collaborate closely with multiple development teams and drive application security practices across the product lifecycle. This role combines deep technical expertise with strong stakeholder collaboration and focuses on embedding security into product development from early design stages through release and ongoing operation.

Key Responsibilities

• Close collaboration with development teams to analyze business requirements and assess their impact on application and service security.
• Threat modeling for applications and services, with clear recommendations for mitigation strategies and security controls.
• Preparation of application security requirements and oversight of their implementation throughout the development lifecycle.
• Security reviews of system architecture, source code, and release artifacts, including security testing of applications and services.
• Tracking and control of vulnerability remediation, working directly with engineering teams to ensure timely resolution of security issues.
• Collaboration with DevSecOps teams to integrate security scanners and controls into CI/CD pipelines.
• Continuous security testing and code review activities aimed at improving the overall security posture of products and services.

Requirements

• Hands-on experience in application security or a closely related security engineering role.
• Strong understanding of common application threats and vulnerabilities, including OWASP Top 10, OWASP Mobile Top 10, and CWE Top 25.
• Knowledge of application security standards and best practices, with the ability to apply frameworks such as OWASP ASVS and WSTG in real-world scenarios.
• Understanding of infrastructure fundamentals, containerization concepts, and associated security risks.
• Familiarity with microservice architectures and modern approaches to securing distributed systems.
• Programming experience in Go, Python, or JavaScript is considered a strong advantage.

What We Offer

• Remote-first company — work from anywhere in the world.
• Fully flexible working hours.
• Extended time off: 20 paid vacation days + 12 bonus days per year.
• 100% paid sick leave.
• Paid English lessons (iTalki).
• Professional growth support (courses, certifications, training programs).
• Real impact and ownership in fintech & crypto projects.
• Corporate benefits: EMCD product discounts and mining infrastructure access.
• Salary in USDT.
• Employment via Service Agreement.

Apply today and help us build the future of crypto!