At Coinme, we're large enough to make a difference but small enough for your voice to be heard. This means that we are an organization where every person matters. You are part of the success of our business and that of our customers regardless of where you sit in our organization. A human touch in a digital world.
Digital currency can transform the way we conduct business and brings new benefits to both the corporate world and to consumers globally. Coinme is on a mission to help people everywhere understand and use the power of digital currencies as a delightful medium-of-exchange, and be accessible anywhere in the world, so everyone has a fair chance for financial prosperity.
From analyst to engineers, from marketing to client services experts, we're hiring to support your growth and ours – Together We Rise.
Senior Security Engineer
Maintaining a high security bar has earned us the trust of millions of customers. The Security team works across the organization, architecting, advising, and building solutions that make the Coinme engineering platform secure. This role will touch all facets of the engineering pipeline, from development and deployment, to core infrastructure and configuration.
Successful candidates will come from a technical background with hands-on experience in working with cloud services, have a solid understanding of security controls in the digital currency space, know how to design enterprise systems for security, possess strong threat modeling experience, have experience building and documenting reliable and scalable distributed systems, and collaborate with others to drive initiatives forward. We are looking for someone who can balance technical risks against business risks and consistently drive for the right results.
What You'll Be Working On:
- Collaborate with Engineering teams to incorporate strong security controls, apply security best practices in our development life cycle, and mitigate risks and security vulnerabilities
- Design and coordinate cohesive responses to security events
- Manage security services and tools , such as our SIEM, vulnerability management solution and end-point policy enforcement.
- Promote a security architecture that supports Coinme’s goals and deliverables, through collaboration, design, requirements, and code.
- Create and execute security test plans and test cases that cover security feature testing, fuzzing, application penetration testing, and regression etc.
- Identify potential vulnerabilities (OWASP top 10 - XSS, CSRF, SQLi, critical/high and common issues in NVD, etc.) for improvement in security design
- Triage and validate security vulnerabilities found or reported, and serve as SME, helping to identify mitigation solutions
- Communicate issues to the application owners, provide meaningful remediation recommendations, and validate that they have been resolved
- Advocate security culture and mentor team members on best practices to develop the next generation of technical security leaders
What We're Looking For:
- Bachelors degree in Computer Science, Software Engineering, or equivalent experience
- 5+ years of demonstrated experience with a focus in areas such as systems, network, and/or application security.
- 2+ years on a Security Operations team, with experience coordinating responses to security incidents.
- 2+ years of hands-on experience supporting a large, complex cloud-based environment
- Experience working with Security Compliance Frameworks (ISO 27001, NIST, PCI-DSS, HIPAA, Sarbanes-Oxley, SSAE16, SOC2)
- Experience implementing/utilizing Federal, Industry and Open Source Security Guidance and Secure Coding Practices (OWASP, Critical Security Controls, Cloud Security Alliance, CERT, SANS, SafeCode, and CWE Top 25)
Not Required, But Nice to Have:
- Experience working in a highly regulated industry with crypto currencies and the blockchain is a plus
- Experience securing Kubernetes and distributed systems a plus
- 100% Coinme-paid health insurance options for employees and dependents
- 100% covered Employee Assistance Program
- Paid Parental Leave
- Generous time off
- 401k with up to 4% vested match
- Professional development reimbursement
- Stock Options
- Paid Volunteer Hours
- Diverse offering of supplemental insurances
- 100% Remote Optional