something's brewing ☕️
Security Engineering Lead
Location
United States
Posted
103 days ago
Salary
0
Seniority
Senior
Job Description
Security Engineering Lead
Espresso Systems
• Lead security audits of (a subset of) the Espresso codebase • As a project leader, you will have mobility in how you choose to organize security and audit efforts • Dive into the code of a fairly complex distributed system, learning and developing an understanding of the system on the fly (with help from the engineering team that built it, of course) • Coordinate with several engineering teams to aid in your audit, raise concerns and communicate results, and guide the effort to harden the system based on your findings • Coordinate with, manage, and review the work of external security auditing teams, in certain cases • Suggest improvements to testing and engineering practices to promote more secure and maintainable code
Job Requirements
- Solid grasp of software engineering principles, both low-level (e.g. language-specific best practices) and high-level (e.g. reliable software architecture, particularly in distributed systems)
- If focused on **Rust**: ≥ 1 year experience writing Rust, particularly with async Rust.
- If focused on **Solidity**: Multiple years experience writing smart contracts; experience with smart contract security audits or formal verification of smart contracts
- Experience as an engineer or software architect in a security-critical industry
- Be capable of describing the stakes, the challenges you've faced in building secure software, and the steps/processes you've taken to mitigate risk
- Experience as an auditor, pentester, QA tester, etc.
- Have a well thought-out approach to testing software and *designing it to be testable/auditable*
- Ability to think adversarially, and identify potential reliability or security vulnerabilities even in software that is correct in common or “happy path” scenarios
- Experience on the design and/or testing of distributed systems
- Comfort diving into unknowns and asking questions
Benefits
- Fully remote with flexible hours
- Work alongside the brightest minds in the crypto space
- Competitive salary + equity package
- Regular team off-sites to international locations
- Unlimited vacation policy
- Top-tier health, dental, and vision coverage for US employees
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Android Integration, Development and Security Engineer
SGDSNPour postuler à cette offre, l'envoi du CV est obligatoire.
Role Description Rattaché au chef de bureau et son adjoint, vos missions sont les suivantes : - Concevoir, intégrer et développer Secdroid, solution mobile sécurisée basée sur Android. - Participer aux différentes phases de conception et de réalisation du projet : - La Stratégie Et Les Réflexions Techniques - La Rédaction Des Spécifications - L’intégration De Briques Logicielles Existantes Et Le Développement De Modules Spécifiques - Le Portage De La Solution Sur De Nouveaux Matériels - Le Suivi Des Versions Fournies Par Les Différents Acteurs (Google, Les Constructeurs De Terminaux…) Et L’adaptation Du Code Source De La Solution Le Cas Échéant - Travailler en étroite collaboration avec les développeurs des couches applicatives pour garantir une bonne expérience utilisateur sans négliger les aspects de sécurité. - S’assurer que les développements restent interopérables avec le socle du système d’information portant les services. - Intervenir dans l’appréciation des travaux externalisés si nécessaire. - Maintenir la solution à l’état de l’art par une veille active des architectures matérielles et logicielles susceptibles d’être associées à la solution. Qualifications - Diplômé(e) d’une formation de type école d’ingénieur ou cursus universitaire équivalent. - Avoir suivi une formation reconnue par la commission des titres (bac+2 minimum) agrémentée d’une expérience opérationnelle significative. - Des connaissances sur d’autres systèmes d’exploitation seraient un plus. Requirements - Niveau 7 Master/diplômes équivalents. - Spécialisation : Formations générales, Informatique, traitement de l'information, réseau de transmission des données. Benefits - Connaissances en architecture des réseaux opérateurs et des protocoles de télécommunication. - Cryptographie et protocoles de sécurité. - Cartes à puce. - Savoir-faire en développement et intégration système sur les couches basses d'Android (C et Java). - Anglais technique, oral et écrit, courant. - Système Android, du noyau Linux et des vulnérabilités associées. - Environnements d'intégration continue (Git, Gerrit, Jenkins, etc.). - Restitution des résultats d'une analyse à des interlocuteurs variés (experts ou non). Company Description Pour postuler à cette offre, l'envoi du CV est obligatoire.
Cybersecurity Intern
FCJ Venture BuilderWe connect companies, startups, investors, and universities through the creation of new innovative businesses
• Learn and develop a deep understanding of the technologies in our cybersecurity portfolio. • Assist with POCs (Proofs of Concept) across a range of technologies, from risk assessments for IT and OT systems to Kubernetes solutions, event correlation, and Zero Trust technologies. • Support sales activities such as commercial presentations, pricing, and client proposals. • Support marketing activities such as technical and commercial roundtables for channel partners and end clients. • Assist with technical responses to RFPs (Requests for Proposals). • Assist the team with general administrative tasks as needed.
Lead Instructor, Cybersecurity
Correlation OneWe transform workforces today to power the data economy of tomorrow. | #6 on LinkedIn's Top Startups 2022 list
• Deliver high-quality, live, virtual instruction and partner with company personnel for learning outcomes. • Conduct large synchronous online lectures on technical content. • Prepare and lead virtual classroom sessions for a range of learners, which may vary in size. • Deliver instruction tailored to learners' needs, including math, verbal reasoning, and technical problem-solving. • Oversee class time Q&A and monitor engagement dynamics. • Collaborate closely with operations personnel to ensure smooth program delivery.
Senior DevSecOps Test Automation Engineer Public Trust (Remote)
ICFFounded in 1969, ICF is a global advisory and technology services company headquartered in Reston, Virginia. It delivers data-driven solutions across energy, en
Description We are seeking a Senior Test Engineer to drive quality engineering and test automation strategy for a modern cloud-based application environment supporting a federal customer. - This role is responsible for establishing and leading a comprehensive automated testing capability from the ground up, implementing end-to-end testing within an Azure-based architecture, and guiding a dispersed team of testers toward modern DevSecOps testing practices. - The ideal candidate combines hands-on test automation expertise, strategic leadership, and mentoring capability, ensuring high-quality software delivery across a full-stack environment built with Java Spring Boot services and Angular front-end applications. - The Senior Test Engineer will also oversee integration of manual testing, automated testing, and security validation within CI/CD pipelines while coordinating testing of software deployments and supporting customer-facing User Acceptance Testing (UAT) activities. Location: United States (Remote; DMV region preferred) Clearance Requirement: Must be US-based and currently hold or have previously held a Public Trust designation. Key Responsibilities Test Strategy & Leadership - Lead the design and implementation of a modern test automation strategy and framework across multiple applications and services. - Establish scalable automated testing frameworks from the ground up supporting UI, API, integration, regression, and end-to-end testing. - Provide technical leadership and mentorship to QA engineers and developers, helping elevate automation skills and testing best practices across the team. - Promote a quality engineering mindset within Agile and DevOps development teams. Automation & Technical Implementation - Develop and maintain automated tests for applications built with Java Spring Boot and Angular. - Implement UI automation using tools such as Cypress and backend/service testing using JUnit and other frameworks. - Design and implement end-to-end testing approaches that validate workflows across microservices and user interfaces. - Ensure automated tests run reliably within CI/CD pipelines and support rapid feedback during deployments. Cloud & DevOps Integration - Integrate testing frameworks and test execution into Azure DevOps pipelines and cloud-native deployment workflows. - Enable automated regression, smoke, and integration tests within the DevOps lifecycle. - Support test data management, environment strategy, and integration testing across distributed cloud services. Security & DevSecOps Testing - Implement automated application security testing within CI/CD pipelines. - Integrate security tools such as Prisma, Checkmarx, OWASP ZAP, and similar solutions to support vulnerability scanning and secure development practices. - Work with development and DevOps teams to ensure security findings are triaged, tracked, and remediated. User Acceptance Testing (UAT) - Support customer-facing UAT cycles, including test planning, execution coordination, and results reporting. - Partner with product owners and stakeholders to ensure acceptance criteria and validation processes align with mission needs. - Provide transparent reporting on testing progress, risks, and quality metrics. Required Qualifications - Current or previous Public Trust designation. - 5+ years of software testing and quality engineering experience, including test automation leadership. - 1+ Years of experience designing and implementing automated testing frameworks from the ground up. - 1+ years of experience testing applications built with Java Spring Boot and Angular. - 1+ years of experience with test automation tools such as Cypress, JUnit, or comparable frameworks. - 1+ years of experience integrating automated testing into CI/CD pipelines in a DevOps environment. - 1+ years of experience implementing end-to-end testing strategies in Azure cloud environments. - 1+years of experience supporting or leading User Acceptance Testing (UAT) with external stakeholders or customers. - Experience supporting federal government software development programs. - US Citizenship required due to federal contract requirements - Must be able to obtain and maintain a Public Trust clearance. Preferred Qualifications - Experience implementing DevSecOps testing practices. - Strong leadership, mentoring, and team development skills. - Familiarity with security testing tools such as Prisma Cloud, Checkmarx, OWASP ZAP, or similar. - Experience working within Agile/Scrum development environments. - Strong understanding of microservices architectures and API testing. What Success Looks Like - A robust automated testing framework supporting UI, API, and end-to-end testing across the platform. - Testing fully integrated into CI/CD pipelines, providing rapid feedback and improving deployment confidence. - Improved team automation capability through mentorship and technical leadership. - Efficient and well-coordinated UAT cycles with clear communication and quality outcomes. #DMX24 #Indeed #LI-CC1 #Clearance #yru22 Working at ICF ICF is a global advisory and technology services provider, but we’re not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future. We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy. We will consider for employment qualified applicants with arrest and conviction records. Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email Candidateaccommodation@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about workplace discrimination rights or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act. Candidate AI Usage Policy At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted. This policy is in place to maintain the integrity and authenticity of the interview process. However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance at candidateaccommodation@icf.com. We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed. Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position. The pay range for this position based on full-time employment is: $81,499.00 - $138,549.00 Nationwide Remote Office (US99)



