Director of Security Engineering
Remote (United States or Candada), Boston, San Francisco, Denver
CircleCI
Get the best continuous integration and delivery (CI/CD) for any platform, in our cloud or on your own infrastructure, for free.CircleCI is hiring a Director of Security Engineering to lead and guide our growing security function within the company.
Our Philosophy
We strive to provide an outstanding security posture for our infrastructure and ultimately, our customers. We believe excellent security and compliance is a competitive differentiator. Thus we are generally unwilling to put up gates or slow down developer flow. Constraints drive creativity. If there is hard work required to make the right things the easy things, we're wiling to seek it out.
Areas of Responsibility
The Director of Security cover areas including application security, platform security, threat detection (including combating crypto-mining and other platform abuse), and security infrastructure.
These are development teams who serve our wider engineering organization.
Expectations
You'll own security for engineering, and the company. This includes heavy collaboration with our go to market teams and sales enablement in addition to engineering practices that contain security response, incident handling, compliance posture, and headcount planning.
You'll improve upon metrics and other measures to ensure we're getting the outcomes and returns for our security investments of our platform.
Responsibilities:
- Define operating metrics and team goals and lead the organization to meet them.
- Enable engineering teams to deliver projects and roll out secure, and compliant features at scale
- Craft security strategies and roadmap for the security engineering group to help scale the infrastructure and meet business objectives.
- Provide guidance and mentorship to our engineering teams
- Continuously integrate improved security practices into our software developer processes.
- Support teams within the org that coordinate with internal and external auditors regarding security controls (SOX, SOC2, FedRAMP, etc.) and privacy frameworks (CCPA, GDPR, etc.) and work to resolve identified gaps.
You're the right person for this role if you are:
- Passionate about building systems to make the right things easy.
- Have experience with a globally distributed team.
- Are comfortable working outbound with go-to-market teams and directly with customers.
- An experienced manager with the ability to mentor and develop individual contributors and managers.
- A data-driven problem solver who resists inertia by constantly looking to optimize and improve existing processes
- Someone who can communicate strategy, direction, and plans via written documentation, presentations and influence with teams, peers, and leaders.
Requirements:
- 7+ years of security engineering experience with an emphasis on secure development, infrastructure, and compliance requirements.
- 5+ years in security (or similar) management experience with proven track record to attract, develop and retain talent, specifically for distributed teams.
- Experienced in engineering to deliver product via agile methodologies.
- Ability to empower people, instill accountability, and achieve results.
- Strong verbal and written communication skills, organizational proficiency, and project/program management skills.
About CircleCI
CircleCI is the world’s largest shared continuous integration and continuous delivery (CI/CD) platform, and the central hub where code moves from idea to delivery. As one of the most-used DevOps tools that processes more than 1 million builds a day, CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Spotify, Coinbase, Stitch Fix, and BuzzFeed use us to improve engineering team productivity, release better products, and get to market faster.
CircleCI is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security CCPA CI/CD CircleCI Compliance Crypto DevOps FedRAMP GDPR Privacy SOC 2 Strategy Threat detection
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs