As a Senior Security Engineer, you'll be joining a highly-distributed team that is paving the path forward for our team of more than 170 engineers to have early & fast feedback, and tooling to aid them in supporting our customers needs in as secure and robust a way as possible. You'll be part of a team at the heart of CircleCI’s business, which is responsible for build environments used by thousands of development teams every day.What You’ll Do:
- Participate in the Security Team’s on-call incident response rotation.
- Help guide the education of your peers across the organization on security issues.
- Contribute to internal and external security outreach programs, including writing blog posts and leading workshops.
- Respond to reports from security researchers, and coordinate remediation efforts.
- Assist in tracking and prioritizing security projects.
- Implement, and create tooling & processes to assist all of engineering in the creation of secure & robust software.
- Assist in particularly sensitive code reviews across the engineering organization, in multiple languages.
Does that sound like you? If so, here’s the experience we’re looking for:
- Security mindset.
- Strong analytical skills.
- Excellent communication skills.
- Calm under high-pressure situations.
- Five years experience writing code and operating production micro-services.
- Web penetration testing and OWASP Top 10 experience.
- Experience working in a modern cloud company with Docker, Kubernetes, Terraform, Helm, AWS, and GCP.
- A willingness to learn Clojure and new languages.
- A focus on delivering high-quality code through strong testing practices.
- Ability to manage customer demands and work with internal stakeholders to solve them.
- Demonstrated ability to lead multiple, complex projects simultaneously.
The Engineering Competency Matrix is our internal career growth system for engineers. This position is level E3. If you’re not sure this is you, we encourage you to apply. Find more about the matrix in this blog post.About CircleCI
CircleCI is the world’s largest shared continuous integration and continuous delivery (CI/CD) platform, and the central hub where code moves from idea to delivery. As one of the most-used DevOps tools that processes more than 1 million builds a day, CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Spotify, Coinbase, Stitch Fix, and BuzzFeed use us to improve engineering team productivity, release better products, and get to market faster.
Founded in 2011 and headquartered in San Francisco with a global remote workforce, CircleCI is venture-backed by Scale Venture Partners, Threshold Ventures (formerly DFJ), Baseline Ventures, Top Tier Capital, Industry Ventures, Heavybit, Harrison Metal Capital, Owl Rock Capital Partners, NextEquity Partners, Institutional Venture Partners and Sapphire Ventures.
CircleCI is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.