Posted over 1 year agoCircleCI is looking for an experienced Application Security Engineer capable of advancing security across our entire platform–from our single-page web app to the containers in our build system. You will work closely with Software Engineering and SRE teams, bringing security in early in the life-cycle and working with engineers to build security from design through production. We are proud to foster a workplace free from discrimination. We strongly believe that diversity of experience, perspectives, and background will lead to a better environment for our employees and a better product for our users. About CircleCICircleCI is the best platform for software teams looking to rapidly build quality projects, at scale. Our intelligent continuous integration and delivery tools are simple yet powerful. Our aim is to provide the wisdom of a connected development ecosystem to every team member making technology decisions. We run 7M+ builds a month on our platform for companies like Spotify, Kickstarter, Sony, and Coinbase. Over 25,000 organizations and 300,000 developers actively build, test, and deploy on CircleCI. We’ve raised $59.5M in venture capital from Industry Ventures, Top Tier Capital, Scale Venture Partners, DFJ, Harrison Metal Capital, and Baseline Ventures. What will make you successful:Software development experience, interest and ability. Proficiency in one or more of: Clojure, Go, Java, C#, C, C++, Ruby.Deep understanding of the fundamentals of security at multiple layers of abstraction, from operating systems to applications.Collaborative approach to mentoring software engineers on the development of secure code.Passion for modern software development and operation, including agile, CI/CD, and infrastructure-as-code.Experience with the specific security implications of operating in a cloud environment.Systematic problem solving approach, coupled with a strong sense of ownership and drive. Enjoy flexibility in role and a desire to experiment with different approaches. Excited by the ability to make significant impact in a growing company.A strong desire for continuous improvement.5+ years of experience in software, 2+ in security.What you will do:Support and advise software engineering teams in the design of secure software. Design and deliver shared libraries and services to support security requirements within our platform. Work with 3rd-party partners to manage our ongoing penetration testing program. Recommend and deploy tooling to manage security in the delivery pipeline as well as production systems.Engage with large customers as needed to advise them on security practices when deploying our solutions.Diagnose and resolve security issues in conjunction with software engineering teams.Participate in defining security-related end user features in the CircleCI product.If you’re interested in joining the team at CircleCI, please send a resumé and let us know why you’d be a great fit for our team. If you contribute to an open source project, write a blog, or have a presence on the web (Twitter, GitHub, LinkedIn, etc.) we would love to hear about it. We care deeply about diversity and inclusivity. We’re hiring at all experience levels, and seek talented teammates from a wide variety of backgrounds and experiences who are equally committed to cultivating a work environment of respect and kindness. We carefully consider every applicant that takes the time to apply.