Senior Security Application Engineer

Circle New York City , NY 10008

Posted 6 months ago

SeedInvest is a leading equity crowdfunding platform that provides individual investors with access to vetted startup investment opportunities. SeedInvest was instrumental in the passage of the 2012 JOBS Act, which changed 80-year-old U.S. securities laws to make it possible for entrepreneurs to raise capital over the Internet. SeedInvest has funded over 150 startups and boasts a rapidly growing network of over 250,000 investors. SeedInvest has had over 40,000 startups apply to raise capital since inception and has accepted less than 1% of those companies to feature on the platform. The company was recently featured on the 2018 Inc. 500 List as the 4th fastest-growing financial services company in America.

In March, 2019 Circle Internet Financial Ltd. acquired SeedInvest. Circle is a global crypto finance company built on blockchain, powered by crypto assets, and dedicated to helping people and institutions create and share value globally. Circle's suite of products enable customers to send and receive money around the world easily, as well as invest in and trade crypto assets. Circle is backed by $250 million from Goldman Sachs, Baidu, IDG, Breyer Capital, General Catalyst, and other leading global investors.

Circle is looking for a Senior Application Security Engineer who will work with engineering and product teams to secure our customer applications, including SeedInvest. As a Senior Application Security Engineer, you will have a part in every aspect of the development lifecycle and work closely with development teams to understand the security posture of the features being developed. You should love tackling difficult problems and be excited to learn new things quickly and independently. It's crucial that you're an effective communicator, as you'll collaborate frequently with different engineering teams to identify and address security issues. You should have a "breaker" mentality, but be effective at designing the mitigating controls.

What you'll work on

  • Partner with development teams to understand the security posture of the features being developed and identify and address security issues

  • Attend daily stand ups to ensure that product features have security "built in"

  • Work with the Ops and DevSecOps teams to make sure that product features are security is securely deployed

  • Address the application layer security issues as incidents occur

What you'll bring to SeedInvest/Circle

  • 7-8+ years of application security experience including source code auditing, penetration testing, product assessments, vulnerability research, reverse engineering, etc

  • Strong familiarity with Python and JavaScript web app development frameworks

  • Proven ability to find vulnerabilities beyond the OWASP Top 10.

  • Familiar with vulnerability management and penetration testing tools: Burp, ZAP, Kali Linux, or Metasploit

  • Excellent communication skills: demonstrated ability to explain complex technical issues to both technical and non-technical audiences

  • Strong analytical, organizational, and technical writing skills

  • Strong working knowledge of applied cryptography

Preferred Experience

  • Experience using security monitoring technologies e.g. Splunk, CloudWatch and CloudTrail events

  • Experience deploying using CI/CD pipelines to AWS e.g. Jenkins or AWS CodePipeline

  • Experience working in a regulated environment such as PCI or SO

Circle was founded in 2013 by internet entrepreneurs Jeremy Allaire and Sean Neville. We're backed by $250 million from investors including Jim Breyer (Facebook), Goldman Sachs, IDG Capital (Baidu, Tencent), General Catalyst (AirBnB, Snapchat), Accel Partners, and Bitmain, with offices in Boston, New York, San Francisco, Dublin, London and Hong Kong.

Circle Pay enables customers to send and receive money, across borders and currencies. Circle Invest empowers consumers to buy and sell crypto assets. Circle Trade is one of the world's top market makers for major crypto coins and offers OTC trading services for institutions and high net worth individuals. Additionally, in 2018 Circle acquired Poloniex and signed an agreement to acquire SeedInvest, both of which enable us to expand our offerings even further. Poloniex is one of the world's leading token marketplaces. SeedInvest is the largest equity crowdfunding platform in the United States, as well as a licensed broker-dealer.

Check us out at circle.com and download Circle Pay & Circle Invest for iOS and Android today.

We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Sr Network Security Engineer

Nuveen Investments

Posted 1 week ago

VIEW JOBS 10/8/2019 12:00:00 AM 2020-01-06T00:00 COMPANY OVERVIEW: TIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services. For more information about TIAA, visit our website. POSITION SUMMARY: TIAA's Production Services & Architecture (PS&A) team is responsible for all architecture, engineering and infrastructure operations of our core technology assets as part of a streamlined, strategic approach that ensures low cost, high quality delivery from initial architectural decisions through engineering to long-term operational support. The PS&A team collaborates closely with our business-aligned partners in technology and with key stakeholders across the enterprise. As a Senior Network Engineer for network security you will have the opportunity to participate in the engineering of TIAA's enterprise security environment. In this role you will work closely with Lead Engineers and internal customers to leverage applicable best practices for security design and enterprise business solutions. Your role will be responsible for periodic escalation support in a 24/7 environment addressing complex production impacting technical issues. You will be accountable for leading problem management and resolution for deployed firewall technologies and will act as a subject matter expert on high severity production issues. KEY RESPONSIBILITIES AND DUTIES: * Translate security architectures and project requests into engineered designs for the enterprise security environment * Implement defense-in-depth methodology for all new systems and services * Integrate security architectures with cloud services vendors * Use proven technologies with in architectural guidelines to develop solutions that expand services across the client base * Work with various vendor solutions and designs new security solutions to integrate new and existing client environments * Leverage applicable best practices for security design and enterprise business solutions * Lead problem management and resolution in the support of deployed technologies and acts as a subject matter expert on production outages * Conduct network assessments to validate an enterprise baseline and provide context for future network direction * Work with outsourced vendors to drive technical accountability of network standards, baselines, architecture, and solutions engineering * Work with outsourced vendors to drive sound engineering designs, and configuration templates * Participate in technology governance boards and/or councils * Generate conceptual, logical, and physical security architectures, documents, testing analyses, test plans, and risk assessments to ensure a sound architecture that meets client needs * Actively participate in the resolution of operational issues, including effectively working with cross functional teams and outsourced vendors as needed * Promote operational stability by assisting with the creation and tracking the implementation of network security infrastructure changes QUALIFICATIONS: Required Experience * Five or more years of networking and firewall experience * Experience with Palo Alto and Cisco ASA/FirePower platforms * Experience with layer 2 and layer 3 firewalls * One year experience with IPSEC, VPN, and SSL Desired Experience * Bachelor's degree in computer or information science preferred * Knowledge of Next Generation Firewalls. * Palo Alto ACE Certification * Experience with content filtering and web application proxies * Previous experience with App-ID and User-ID, Panorama, PXGrid, PBR, NAT on Palo Alto and Cisco ASA platforms * General understanding of Routing, Switching, Virtual LAN Switching, L2 Bridging and STP, TCP/IP, OSPF, BGP, Cisco Nexus/ACI * Strong communication skills (both written and verbal), customer service skills and strong attention to detail ability to interface with all levels of stakeholders Equal Employment Opportunity is not just the law, it's our commitment. Read more about the Equal Employment Opportunity Law. If you need assistance applying due to visually or hearing impaired, please email Careers Help. We are an Equal Opportunity/Affirmative Action Employer. We will consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status. Additional Information * Requisition ID: 1719106 Nuveen Investments New York City NY

Senior Security Application Engineer

Circle