7 days ago
You'll join a highly-distributed team that’s building a paved security path so our team of more than 130 engineers can focus on their core competencies and worry less about security issues. You'll write sustainable, resilient code as part of an engineering organization that values collaboration, trust, and learning. You’ll be part of a team at the heart of CircleCI’s business responsible for build environments used by thousands of development teams every day.
What You’ll Do:
- Participate in bi-monthly third-party penetration tests.
- Write and maintain sustainable, high-quality, high-performance code.
- Participate in the Security Team’s on-call incident rotation.
- Respond to bug emails submitted by security researchers and work on remediation.
- Backlog grooming and chipping away at technical debt.
- Be a leader on third-party library security.
- Write blog posts, lead internal workshops and education efforts.
What We're Looking For:
Does that sound like you? If so, here’s the experience we’re looking for:
- Security mindset.
- Strong analytical skills.
- Excellent communication skills.
- Calm under high-pressure situations.
- Deep knowledge of Node.js, NPM, Yarn and React.js.
- Web penetration testing and OWASP Top 10 experience.
- Experience working in a modern cloud company with Docker, Kubernetes, Terraform, Helm, AWS, and GCP.
- A willingness to learn Clojure and new languages.
- A focus on delivering high-quality code through strong testing practices.
- Ability to manage customer demands and work with internal stakeholders to solve them.
- Demonstrated ability to lead multiple, complex projects simultaneously.