Senior Security Engineer

CircleCI, Anywhere

See jobs at CircleCI

Duration: Full-Time

CircleCI is looking for an experienced Security Engineer capable of advancing security across our entire platform–from our single-page web app to the containers in our build system. You will work closely with Software Engineering and SRE, embracing a "shift left" mentality to ensure that engineers own the security of their own code from design into production. You will also work with our 3rd-party partners to manage layers of production security and our ongoing penetration testing program.

We are proud to foster a workplace free from discrimination. We strongly believe that diversity of experience, perspectives, and background will lead to a better environment for our employees and a better product for our users. 

About CircleCI
CircleCI is the best platform for software teams looking to rapidly build quality projects, at scale. Our intelligent continuous integration and delivery tools are simple yet powerful. Our aim is to provide the wisdom of a connected development ecosystem to every team member making technology decisions.

We run 7M+ builds a month on our platform for companies like Spotify, Kickstarter, Sony, and Coinbase. Over 25,000 organizations and 300,000 developers actively build, test, and deploy on CircleCI.  We’ve raised $59.5M in venture capital from Industry Ventures, Top Tier Capital, Scale Venture Partners, DFJ, Harrison Metal Capital, and Baseline Ventures.

What will make you successful:

  • Deep understanding of the fundamentals of security at multiple layers of abstraction, from operating systems to applications
  • Collaborative approach to mentoring software engineers on the development of secure code
  • Ability to develop a comprehensive view of a complete software system and the core interactions within that system
  • Passion for modern software development and operation, including agile, CI/CD, and infrastructure-as-code
  • Experience with the specific security implications of operating in a cloud environment
  • Systematic problem solving approach, coupled with a strong sense of ownership and drive
  • Proficiency in one or more of: Clojure, Go, Java, C, C++
  • A strong desire for continuous improvement
  • 5+ years of experience in software, 2+ in security

What you will do:

  • Support and advise software engineering teams in the design of secure software
  • Work with 3rd-party partners to manage our ongoing penetration testing program
  • Recommend and deploy tooling to manage security in the delivery pipeline as well as production systems
  • Design and deliver shared libraries and services to support security requirements within our platform
  • Engage with large customers as needed to advise them on security practices when deploying our solutions
  • Diagnose and resolve security issues in conjunction with software engineering teams
  • Participate in defining security-related end user features in the CircleCI product
If you’re interested in joining the team at CircleCI, please send a resumé and let us know why you’d be a great fit for our team. If you contribute to an open source project, write a blog, or have a presence on the web (Twitter, GitHub, LinkedIn, etc.) we would love to hear about it.

We care deeply about diversity and inclusivity. We’re hiring at all experience levels, and seek talented teammates from a wide variety of backgrounds and experiences who are equally committed to cultivating a work environment of respect and kindness. We carefully consider every applicant that takes the time to apply.

About CircleCI

CircleCI was founded in 2011 with the mission of giving every developer state-of-the-art automated testing and continuous integration tools. Our Story Velocity is critical for software teams in today's competitive landscape, but maintaining speed can be difficult as apps and systems grow larger and more complex. CircleCI’s platform allows developers to rapidly release code (for web and mobile apps) they trust by automating the build, test, and deploy process. CircleCI enables developers to detect and fix bugs before they even reach customers. Thousands of leading companies including Facebook, Kickstarter, Shyp, and Spotify rely on CircleCI to accelerate delivery of their code and enable developers to focus on creating business value fast.

CircleCI is a Bay Area Best Places to Work 2016 award winner from the San Francisco Business Times and Silicon Valley Business Journal. Founded in 2011 and headquartered in beautiful downtown San Francisco with a global remote workforce, CircleCI is venture backed by Scale Venture Partners, DFJ, Baseline Ventures, and Harrison Metal Capital.


Want to learn more about CircleCI? Visit CircleCI's website.