Senior Security Engineer
Remote (Canada), Remote (United States)
CircleCI
Get the best continuous integration and delivery (CI/CD) for any platform, in our cloud or on your own infrastructure, for free.CircleCI is hiring a Senior Security Engineer to join our growing Security Operations team.
Security Operations is responsible for preventing, detecting, and monitoring for threats to CircleCI. This includes (not limited to) detecting and preventing distributed denial-of-service (DDoS), fight phishing attempts, vulnerability management, enforce auditing controls, and writing new services and tools to meet these needs. Daily tasks may include writing Terraform to make infrastructure changes, doing service reviews, gathering evidence for compliance, and examining logs.
What You’ll Do
- Ensure services built and maintained by CircleCI meet SOC2, FedRAMP, and similar compliance needs
- Deploy and monitor security tooling which includes SIEMs, IDS/IPS, logging, and services built/maintained by the team
- Build automation using languages like Go to assist with capturing compliance-related auditing needs
- Partner with our Product, Legal, Infrastructure, and Security Engineering
- Vulnerability management across software repositories and deployed services is kept up-to-date
- Access control management for engineering (non-IT) services, including periodic audits for access
- Participate in shared on-call rotation
About You
We’re seeking someone who thrives in a collaborative environment, naturally curious and interested in learning, has strong communication and collaboration skills, and helps others grow by sharing their expertise and encouragement. You have strong opinions on project design that is based on experience.
- 3+ years security experience, preferably in similar role (examples include SecOps, SRE)
- 2+ years infrastructure experience, can be concurrent with security experience
- Knowledge of compliance frameworks, such as NIST
- Established and proven experience with Go. Work or significant experience with Java, Clojure, Python, or other languages are acceptable with ability to learn Go.
- Strong analytic and troubleshooting skills..
- Comfortable working synchronously, asynchronously, and in distributed remote teams.
- Experience using IDS/IPS systems, including those that enforce host and
- Comfortable interacting with SQL and NoSQL systems such as PostgreSQL and MongoDB.
- Infrastructure operations experience working with Docker, Kubernetes, Terraform, Helm, AWS, and GPC.
- Experience with implementing security tooling into SDLC and/or build pipeline
- Someone who is calm in high pressure situations
Our Philosophy
We strive to provide an outstanding security posture for our infrastructure and ultimately, our customers. We believe excellent security and compliance is a competitive differentiator. Thus we are generally unwilling to put up gates or slow down developer flow. Constraints drive creativity. If there is hard work required to make the right things the easy things, we're wiling to seek it out.
CircleCI Engineering Competency Matrix:
The Engineering Competency Matrix is our internal career growth system for engineers. This position is level P4. If you’re not sure this is you, we encourage you to apply. Find more about the matrix in this blog post.
Engineering at CircleCI is Remote-First
Being remote-first, we foster a culture that is inclusive of remote workers while allowing everyone to be the most productive. Read more about our remote-first culture here.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
About CircleCI
CircleCI is the world’s largest shared continuous integration and continuous delivery (CI/CD) platform, and the central hub where code moves from idea to delivery. As one of the most-used DevOps tools that processes more than 1 million builds a day, CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Spotify and BuzzFeed use us to improve engineering team productivity, release better products, and get to market faster.
CircleCI is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
Colorado Salary Range: $134,000 - $168,000
Tags: Audits Automation AWS CI/CD CircleCI Clojure Compliance DDoS DevOps Docker FedRAMP Helm IDS IPS Java Kubernetes MongoDB Monitoring NIST NoSQL PostgreSQL Python SDLC SecOps SOC 2 SQL Terraform Vulnerability management
Perks/benefits: Career development Competitive pay
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs