Kubernetes Jobs at Coinme

Senior Security Engineer

Maintaining a high security bar has earned us the trust of millions of customers. The Security team works across the organization, architecting, advising, and building solutions that make the Coinme engineering platform secure. This role will touch all facets of the engineering pipeline, from development and deployment, to core infrastructure and configuration.

Successful candidates will come from a technical background with hands-on experience in working with cloud services, have a solid understanding of security controls in the digital currency space, know how to design enterprise systems for security, possess strong threat modeling experience, have experience building and documenting reliable and scalable distributed systems, and collaborate with others to drive initiatives forward. We are looking for someone who can balance technical risks against business risks and consistently drive for the right results.

What You'll Be Working On:

• Collaborate with Engineering teams to incorporate strong security controls, apply security best practices in our development life cycle, and mitigate risks and security vulnerabilities
• Design and coordinate cohesive responses to security events
• Manage security services and tools , such as our SIEM, vulnerability management solution and end-point policy enforcement.
• Promote a security architecture that supports Coinme’s goals and deliverables, through collaboration, design, requirements, and code.
• Create and execute security test plans and test cases that cover security feature testing, fuzzing, application penetration testing, and regression etc.
• Identify potential vulnerabilities (OWASP top 10 - XSS, CSRF, SQLi, critical/high and common issues in NVD, etc.) for improvement in security design
• Triage and validate security vulnerabilities found or reported, and serve as SME, helping to identify mitigation solutions
• Communicate issues to the application owners, provide meaningful remediation recommendations, and validate that they have been resolved
• Advocate security culture and mentor team members on best practices to develop the next generation of technical security leaders

What We're Looking For:

• Bachelors degree in Computer Science, Software Engineering, or equivalent experience
• 5+ years of demonstrated experience with a focus in areas such as systems, network, and/or application security.
• 2+ years on a Security Operations team, with experience coordinating responses to security incidents.
• 2+ years of hands-on experience supporting a large, complex cloud-based environment
• Experience working with Security Compliance Frameworks (ISO 27001, NIST, PCI-DSS, HIPAA, Sarbanes-Oxley, SSAE16, SOC2)
• Experience implementing/utilizing Federal, Industry and Open Source Security Guidance and Secure Coding Practices (OWASP, Critical Security Controls, Cloud Security Alliance, CERT, SANS, SafeCode, and CWE Top 25)

Not Required, But Nice to Have:

• Experience working in a highly regulated industry with crypto currencies and the blockchain is a plus
• Experience securing Kubernetes and distributed systems a plus