Staff Security Engineer
Reporting to the Head of Security, the Staff Security Engineer will be responsible for building and maintaining tools within the Security Team. Their primary duty is to design projects and build them with other security engineers or others across the Engineering Department. A typical day will include focused development work on a current strategic project, and consulting across the Engineering Department on day-to-day matters.
You'll join a highly-distributed team that’s building a paved security path so our team of more than 100 engineers can focus on their core competencies and worry less about security issues. You'll write sustainable, resilient code as part of an engineering organization that values collaboration, trust, and learning. You’ll be part of a team at the heart of CircleCI’s business, responsible for build environments used by thousands of development teams every day.
What You’ll Do:
- Write and maintain sustainable, high-quality, high-performance code using Clojure and Go.
- Operate within the Agile delivery model to deliver value incrementally.
- Maintain security infrastructure using Terraform, Helm and Kubernetes.
- Partner with Site Reliability Engineering to solve complex operational challenges.
- Identify and build user-friendly tools to create a paved path for secure development and operations.
- Participate in the Security Team’s on-call incident rotation and operations work.
- Balance paranoia with business needs.
- Generate new ideas, write problem statements, and proactively consult so other engineers understand the security implications of their ongoing work.
- Interview additional candidates to scale the Security Team.
- Lead the curriculum development for CircleCI’s Capture The Flag annual security training for all Engineering Department ICs.
What we're looking for:
Starting projects from scratch is invigorating. You have strong opinions on project design that are based on experience. Establishing processes makes you feel comfortable. Finishing projects and keeping them Done is a fundamental value. Mentoring is a primary reason why you love your profession. Learning something new every day is essential to your happiness. You are compassionate and genuinely like people.
Does that sound like you? If so, here’s the experience we’d like to see:
- 5 years of software engineering experience.
- Security mindset.
- Strong analytical skills.
- Excellent communication skills.
- Calm under high-pressure situations.
- Web, database, information and/or infrastructure security.
- Demonstrated ability to lead multiple, complex projects simultaneously.
- A focus on delivering high-quality code through strong testing practices.
- Ability to manage customer demands and work with internal stakeholders to solve them.
- At least three years experience with a functional language such as Clojure, or alternatively Java, Go or Python, with a willingness to learn new languages.
- Experience working with some mixture of Docker, Kubernetes, Terraform, Helm, and AWS.
CircleCI Engineering Competency Matrix:
The Engineering Competency Matrix is our internal career growth system for engineers. This position is level E4. If you’re not sure this is you, we encourage you to apply. Find more about the matrix in this blog post.
How to apply
Submit your application online via the Apply Now button. Please include a cover letter that describes why you're interested in working for CircleCI and summarize how your experience and career goals fit the qualifications for the position.
CircleCI is a distributed team and we are hiring engineers to work remotely in Alberta, British Columbia, Manitoba, New Brunswick, Newfoundland and Labrador, Nova Scotia, Ontario, Prince Edward Island and Saskatchewan, through our affiliate Continuous Labs.
CircleCI is the world’s largest shared continuous integration and continuous delivery (CI/CD) platform, and the central hub where code moves from idea to delivery. As one of the most-used DevOps tools that processes more than 1 million builds a day, CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Spotify, Coinbase, Stitch Fix, and BuzzFeed use us to improve engineering team productivity, release better products, and get to market faster.
CircleCI is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.