Security Engineer
Coinbase stores more digital currency than any company in the world, making us a tier 1 target on the internet. Given breaches are the number one cause of death amongst digital currency companies, security is core to our mission and has been a key competitive differentiator for us as we scale. If you’re a security professional looking to fight on the front lines in a high-stakes, high-intensity environment, we’d like to speak with you about joining our security team.
We’re a small team working with a large engineering group. We work on deployment and security tooling, developer education, security-critical design and code review and good ol-fashioned pentesting. Our goal is to help our engineers ship safe, resilient code as part of a multi-layered and diverse ecosystem of containerized microservices.
Responsibilities
Build/deploy/maintain security controls and instrumentation around and in our code
Consult with engineering teams on security-critical product features
Help facilitate our bug bounty program
Educate developers
Requirements
Significant experience in at least one of Ruby, Go, Node or Java
Strong understanding of AWS services and architectures
Understanding of common vulnerabilities in web and mobile applications
Great ability to communicate with developers
Interest in both breaking and building
Preferred
Experienced with Docker security
Experience with popular threat modeling systems
Experience with static analysis
Experience fuzzing applications and protocols
What to send
A resume or LinkedIn profile
A link to your GitHub/Stack Overflow/HackerOne profile or something awesome that you've built
A brief answer to the following question: If you were to break into Coinbase, how would you do it?
In case you are wondering what technologies we use at Coinbase, we’re built using a combination of Ruby, Node.js, PostgreSQL, MongoDB, Redis, Swift (for iOS), and Java (for Android). Prior experience with these exact languages/technologies is not required.
Coinbase is committed to diversity in its workforce and is proud to be an equal opportunity employer. Coinbase does not make hiring or employment decisions on the basis of race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state or federal law. Coinbase will also consider for employment qualified applicants with arrest and conviction records in a manner consistent with San Francisco’s Fair Chance Ordinance and similar local laws.