Cypress is ambitiously changing the status quo of testing on the web with our next-generation, open source Test Runner and a Cloud service that enables an unprecedented developer experience. Our mission is focused squarely on making testing faster, easier, more approachable and enjoyable than ever before.

We’re a diverse group of highly skilled engineers with different specialties united by an emphatic focus on leveraging the principles of DevOps and Agile to deliver an exceptional developer experience to our customers. We value action, accountability, curiosity, and transparency. We take an automation first approach and strive to deliver massive value in all we do!

As a Senior Security Engineer in the Engineering team, you’ll be using your strong understanding of the threat landscape to find creative solutions to difficult problems that strike the right balance between speed and security to accomplish business objectives.

Our ideal candidate is someone who has an engineering mindset that allows them to identify issues, analyze options, and create structured plans to achieve quantifiable outcomes. Someone who is passionate about learning new technologies, approaches, and threat vectors while also transforming that knowledge into practical applications to improve Cypress’ security posture.

Responsibilities

• Serve as a subject matter expert for information security
• Promote the adoption of DevSecOps philosophies through tooling and user education
• Provide consultation to peers and colleagues relative to the delivery of secure services
• Manage all aspects of threat, risk, and vulnerability management programs
• Analyzes and recommends security measures to mitigate risks at critical points in the product development lifecycle
• Build and maintain roadmaps to support the continuous improvement of security posture
• Plan, coordinate, and execute threat assessments
• Develop threat detection capabilities
• Coordinate and respond to all security related incidents
• Create, maintain, and implement security tools, processes, and technologies
• Support regulatory compliance; including the creation of tooling, processes, and workflows

Requirements

• Outstanding written and verbal communication skills
• Several years of progressive responsibilities in information security
• Subject matter expertise in threat and risk management
• Experience with AWS security services and code analysis tools
• Experience implementing, demonstrating and adhering to compliance and regulatory requirements
• Ability to adapt to a rapidly changing environment

Although we list out what we generally look for, we are very likely missing other attributes and skills that you have that could make you a great addition, but are not currently listed. Research has shown this especially applies to women and other marginalized groups, who tend to apply if they check 100% of every box, versus men who apply if they hit roughly 60%. The point we’re getting at, it doesn’t hurt to take a chance and apply!

LI-Remote