Senior Security Engineer
*This position is eligible to be hired virtually within the US or locally in Atlanta, GA
At Cypress.io, we're on a mission to make software testing delightful and effective and thus dramatically improve the efficiency and quality of modern software development. Today, Cypress provides better, faster, and more reliable testing for anything that runs in a browser. Hundreds of thousands of developers and QA professionals use Cypress to write better code faster and release with confidence.
Cypress is currently used in over 90 countries by hundreds of thousands of developers across more than 30,000 organizations. Cypress has over 3,500 customers in more than 74 countries across 65 industries and includes marquee names like Atlassian, Crunchbase, GitHub, PayPal, and Slack.
The company was founded in 2015 and has raised $55M in capital to date, including a $40M Series B financing in November 2020, led by OpenView Partners, with participation from Bessemer Venture Partners, Battery Ventures, Sapphire Ventures, and Stripes.co.
Cypress is ambitiously changing the status quo of testing on the web with our next-generation, open source Test Runner and a Cloud service that enables an unprecedented developer experience. Our mission is focused squarely on making testing faster, easier, more approachable and enjoyable than ever before.
We’re a diverse group of highly skilled engineers with different specialties united by an emphatic focus on leveraging the principles of DevOps and Agile to deliver an exceptional developer experience to our customers. We value action, accountability, curiosity, and transparency. We take an automation first approach and strive to deliver massive value in all we do!
As a Senior Security Engineer in the Engineering team, you’ll be using your strong understanding of the threat landscape to find creative solutions to difficult problems that strike the right balance between speed and security to accomplish business objectives.
Our ideal candidate is someone who has an engineering mindset that allows them to identify issues, analyze options, and create structured plans to achieve quantifiable outcomes. Someone who is passionate about learning new technologies, approaches, and threat vectors while also transforming that knowledge into practical applications to improve Cypress’ security posture.
- Serve as a subject matter expert for information security
- Promote the adoption of DevSecOps philosophies through tooling and user education
- Provide consultation to peers and colleagues relative to the delivery of secure services
- Manage all aspects of threat, risk, and vulnerability management programs
- Analyzes and recommends security measures to mitigate risks at critical points in the product development lifecycle
- Build and maintain roadmaps to support the continuous improvement of security posture
- Plan, coordinate, and execute threat assessments
- Develop threat detection capabilities
- Coordinate and respond to all security related incidents
- Create, maintain, and implement security tools, processes, and technologies
- Support regulatory compliance; including the creation of tooling, processes, and workflows
- Outstanding written and verbal communication skills
- Several years of progressive responsibilities in information security
- Subject matter expertise in threat and risk management
- Experience with AWS security services and code analysis tools
- Experience implementing, demonstrating and adhering to compliance and regulatory requirements
- Ability to adapt to a rapidly changing environment
Although we list out what we generally look for, we are very likely missing other attributes and skills that you have that could make you a great addition, but are not currently listed. Research has shown this especially applies to women and other marginalized groups, who tend to apply if they check 100% of every box, versus men who apply if they hit roughly 60%. The point we’re getting at, it doesn’t hurt to take a chance and apply!
Although we list out what we generally look for, we are very likely missing other attributes and skills that you have that could make you a great fit, and are not currently listed. Research has shown this especially applies to women and other marginalized groups, who tend to apply if they check 100% of every box, versus men who apply if they hit roughly 60%. The point we’re getting at, it doesn’t hurt to take a chance and apply!
We are an inclusive employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.