Senior Security Engineer

Your Role As a Security Engineer in Drip Capital’s engineering team, you will have the opportunity to take ownership of :

• Owning the end to end security of all subsystems that contribute to the decision of providing trade finance to importers and exporters worldwide
• Audit code developed by engineers and point out security concerns
• Evaluate all third party software and libraries and provide recommendations
• Perform pen test and security reviews of all modules before they are released to production environments

Our Checklist 

• Bachelor's degree in computer science, or a related field with 4+ years of relevant work experience 
• Knowledge of web security, TLS/SSL, web authentication protocols such as OAuth, Role-Based Access Control (RBAC), security roles, policy, and enforcement
• End-to-end security expertise including application security, network security, device security. Knowledge of securing data at rest and data in motion
• Ability to determine vulnerabilities in code, check subsystems for common attack patterns and exploitation techniques. Ability to write functional exploits for – simple stack overflow, cross-site scripting, or SQL injection
• Experience in one programming language such as Go, Java, Python
• Strong analytical and problem-solving skills, and strong communications skills
• Knowledge of security standards such as HIPPA, SOX; and experience using standard security assessment and penetration testing tools would be a plus 

If you love to explore the security aspects of a distributed system that makes decisions related to global trade finance, let's talk!