Senior Security Engineer
Maintaining a high security bar has earned us the trust of millions of customers. The Security team works across the organization, architecting, advising, and building solutions that make the Coinme engineering platform secure. This role will touch all facets of the engineering pipeline, from development and deployment, to core infrastructure and configuration, to the cross between SRE and Security.
Successful candidates will come from a technical background with hands-on experience in developing cloud systems at scale, have a solid understanding of security controls in the digital currency space, know how to design enterprise systems for security, possess strong threat modeling experience, have experience building and documenting reliable and scalable distributed systems, and collaborate with others to drive initiatives forward. We are looking for someone who can balance technical risks against business risks and consistently drive for the right results.
- Collaborate with Engineering teams to incorporate strong security controls, apply security best practices in our development life cycle, and mitigate risks and security vulnerabilities
- Design and coordinate cohesive responses to security events Build security utilities and tools for internal use that enable you and your fellow Engineers to operate at high speed and wide scale
- Promote and drive the implementation of a platform security architecture that supports Coinme’s goals and deliverables, through collaboration, design, requirements, and code.
- Create security test plans and test cases that cover security feature testing, fuzzing, application penetration testing, and regression etc.
- Conduct security tests and identify potential vulnerabilities (OWASP top 10 - XSS, CSRF, SQLi, critical/high and common issues in NVD, etc.) of improvement in security design
- Triage and validate security vulnerabilities found or reported, and serve as SME, identifying mitigation solutions
- Communicate issues to the application owners, provide meaningful remediation recommendations, and validate that they have been resolved
- Advocate security and mentor team members on best practices to develop the next generation of technical security leaders.
- Bachelors degree in Computer Science, Software Engineering, or equivalent experience
- 5+ years of demonstrated experience with a focus in areas such as systems, network, and/or application security.
- 2+ years on a Security Operations team, especially experience coordinating responses to security incidents.
- Experience working with Security Compliance Frameworks (ISO 27001, NIST, PCI-DSS, HIPAA, Sarbanes-Oxley, SSAE16, SOC2)
- Experience implementing/utilizing Federal, Industry and Open Source Security Guidance and Secure Coding Practices (OWASP, Critical Security Controls, Cloud Security Alliance, CERT, SANS, SafeCode, and CWE Top 25)
- Experience working in a highly regulated industry with crypto currencies and the blockchain is a plus