Back To All Jobs Security Engineer - Application Security
San Francisco, CA
Coinbase stores more digital currency than any company in the world, making us a tier 1 target on the internet. Given breaches are the number one cause of death amongst digital currency companies, security is core to our mission and has been a key competitive differentiator for us as we scale. If you're a security professional looking to fight on the front lines in a high-stakes, high-intensity environment, we'd like to speak with you about joining our security team.
We're a small team working with a large engineering group. We work on deployment and security tooling, developer education, security-critical design and code review and good ol-fashioned pentesting. Our goal is to help our engineers ship safe, resilient code as part of a multi-layered and diverse ecosystem of containerized microservices. Responsibilities
- Build/deploy/maintain security controls and instrumentation around and in our code
- Consult with engineering teams on security-critical product features
- Help facilitate our bug bounty program
- Educate developers
- Significant experience in at least one of Ruby, Go, Node or Java
- Strong understanding of AWS services and architectures
- Understanding of common vulnerabilities in web and mobile applications
- Great ability to communicate with developers
- Interest in both breaking and building
What to send
- Experienced with Docker security
- Experience with popular threat modeling systems
- Experience with static analysis
- Experience fuzzing applications and protocols
- A resume or LinkedIn profile
- A link to your GitHub/Stack Overflow/HackerOne profile or something awesome that you've built
- A brief answer to the following question: If you were to break into Coinbase, how would you do it?
In case you are wondering what technologies we use at Coinbase, we're built using a combination of Ruby, Node.js, PostgreSQL, MongoDB, Redis, Swift (for iOS), and Java (for Android). Prior experience with these exact languages/technologies is not required. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.