Senior Platform Security Engineer - Threat Detection
Remote (United States, Canada, Ireland, United Kingdom or Germany)
CircleCIGet the best continuous integration and delivery for any platform, in our cloud or on your own infrastructure.
Reporting to the head of security, the Senior Platform Security Engineer will investigate all types of threats in the CircleCI Cloud environment by conducting behavioral analysis during builds, assessing network traffic behavior, staying up to speed on malware trends, work proactively with third-party partners combating platform abuse, create metrics that establish benchmarks future work is measured against, and respond to incidents. Their primary duty is to identify users who are using CircleCI in ways that are against our Terms of Service and compliance requirements. A typical day will include analyzing customer configuration code, consulting with legal, examining our system for evidence of new exploits, reverse engineering them and building tools to detect and protect us from them.
You'll join a highly-distributed team that’s building a paved security path so our team of more than 130 engineers to ensure our infrastructure provides value to legitimate customers. You'll write sustainable, resilient code as part of an engineering organization that values collaboration, trust, and learning. You’ll be part of a team at the heart of CircleCI’s business responsible for build environments used by thousands of development teams every day.
What You’ll Do:
- Establish a refined culture of security observability and monitoring.
- Partner with Security Operations, Product, Legal and Platform Security Engineering
- Write and maintain sustainable, high-quality, high-performance code for infrastructure and security automation.
- Reverse engineer malware.
- Build tooling to analyze new open source code that circleci is processing.
- Researching and understanding the landscape of cryptomining malware.
- Identify entry points malware utilize for our product’s free tier
- Participate in the Security Team’s on-call incident rotation.
- Respond to bug emails submitted by security researchers and work on remediation.
What we're looking for:
You value and understand the importance of developing, documenting and educating others on best practices and processes for achieving goals. Learning something new every day is essential to your happiness. Mentoring is a primary reason why you love your profession. You are compassionate and genuinely like people. You love looking at obfuscated source code, solving difficult detection problems, thinking about how to make the game of malware not worth playing for your adversary, and discovering innovative abuses of everyday tools.
Does that sound like you? If so, here’s the experience we’re looking for:
- Security mindset.
- Strong analytical skills.
- Understanding of malware architecture, torrents, cryptomining, botnets, DDOS and other automated use against our terms of service.
- Five years experience researching malware and/or programmatic abuse of cloud environments.
- Excellent communication skills.
- Calm under high-pressure situations.
- Experience working with Docker, Kubernetes, Terraform, Helm, AWS, and modern distributed SaaS infrastructure.
- A willingness to learn new languages. We use Clojure, Go and TypeScript and our customers use almost every language under the sun.
- Web, database, information and/or infrastructure security.
- A focus on delivering high-quality code through strong testing practices.
- Ability to manage customer demands and work with internal stakeholders to solve them.
- Demonstrated ability to lead multiple, complex projects simultaneously.
CircleCI Engineering Competency Matrix:
The Engineering Competency Matrix is our internal career growth system for engineers. This position is level E3. If you’re not sure this is you, we encourage you to apply. Find more about the matrix in this blog post.
We know there’s no such thing as a “perfect” candidate - we’re all a work in progress and are growing new skills and capabilities all the time. CircleCI welcomes those who are enthusiastic about learning and evolving, so however you identify and whatever your background, if this looks like a role where you could do work that excites you, we hope you’ll apply.
Work remotely with our globally distributed team!
We’re a distributed company with teammates across the world. For this role, we are hiring engineers to work remotely in The United States, Ireland, The United Kingdom, Germany and through our affiliate, Continuous Labs, in the following Canadian provinces: Alberta, British Columbia, Manitoba, New Brunswick, Newfoundland and Labrador, Nova Scotia, Ontario, Prince Edward Island and Saskatchewan.
CircleCI is the world’s largest shared continuous integration and continuous delivery (CI/CD) platform, and the central hub where code moves from idea to delivery. As one of the most-used DevOps tools that processes more than 1 million builds a day, CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Spotify, Coinbase, Stitch Fix, and BuzzFeed use us to improve engineering team productivity, release better products, and get to market faster.
CircleCI is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
Other jobs like this
Staff Software Engineer, Backend (Financial Reporting)Airflow AWS Backend Financial services Mentor Python Reconciliation Treasury
Career development Competitive pay Flex hours Flexible spending account Flex vacation +4
Explore more Remote Work and WFH career opportunities
Find open roles in Engineering, Design, Data, Marketing, Sales, Operations, Support and more, filtered by job title or popular skill, toolset and products used.
- Remote Senior Data Scientist jobs
- Remote Account Manager jobs
- Remote Technical Support Engineer jobs
- Remote Senior Site Reliability Engineer jobs
- Remote Senior Backend Engineer jobs
- Remote Solutions Engineer jobs
- Remote Sales Engineer jobs
- Remote Technical Account Manager jobs
- Remote Business Analyst jobs
- Remote Staff Software Engineer jobs
- Remote Senior Product Marketing Manager jobs
- Remote Senior Data Analyst jobs
- Remote Security Engineer jobs
- Remote Technical Writer jobs
- Remote Salesforce Administrator jobs
- Remote Machine Learning Engineer jobs
- Remote Product Owner jobs
- Remote Senior Customer Success Manager jobs
- Remote QA Engineer jobs
- Remote Content Marketing Manager jobs
- Remote Recruiter jobs
- Remote Program Manager jobs
- Remote Backend Engineer jobs
- Remote Senior Frontend Engineer jobs
- Remote Recruiting Coordinator jobs
- Remote Coaching-related jobs
- Remote DevOps-related jobs
- Remote Customer service-related jobs
- Remote React-related jobs
- Remote Kubernetes-related jobs
- Remote CRM-related jobs
- Remote Backend-related jobs
- Remote Entrepreneurial-related jobs
- Remote HR-related jobs
- Remote Interpersonal skills-related jobs
- Remote UX-related jobs
- Remote Docker-related jobs
- Remote Mentoring-related jobs
- Remote Linux-related jobs
- Remote Azure-related jobs
- Remote Open Source-related jobs
- Remote User Experience-related jobs
- Remote Integrations-related jobs
- Remote CI/CD-related jobs
- Remote KPIs-related jobs
- Remote FinTech-related jobs
- Remote Financial services-related jobs
- Remote Cloud-based-related jobs
- Remote UI-related jobs
- Remote Jira-related jobs