Senior Security Engineer

About the role

Our product sits at the intersection of financial technology, data science, security, policy, law enforcement, and design. We operate in a high security, high stakes environment, working with some of the most sensitive data you can imagine. Given this environment, our product team has held "Security First" as a value since our founding.

Your responsibilities will be broad. They will include source code auditing, developing threat models, reviewing technical design documentation, and finding ways to empower engineering teams to build secure software by default. You must have a strong ability to work with colleagues to understand our products and then develop ways to improve existing security infrastructure. Our security engineers must also be builders: designing and implementing tools and systems that keep our company safe and successful. Given this broad scope, you will also need to prioritize your own work and communicate your priorities and goals to management.

What you're looking to do:

• Support Hummingbird as we navigate the security landscape.
• Assess, define, and continuously improve Hummingbird’s security posture, policies, and procedures.
• Help to create a paranoid, security conscious culture across the organization.
• Develop systems and features that support a secure product and infrastructure.
• Conduct code reviews & give input on product definition and product design docs.
• Work with a small, passionate, and experienced team: We're still a small team of mostly senior engineers, and we love to do quality work together. We're fully remote, and we make a strong effort to prioritize, design, and code collaboratively
• Influence the product roadmap and strategy: Great ideas come from everywhere. Everyone on the team has a voice in strategy discussions, and is trusted to make significant decisions
• Have the opportunity to grow into leadership: Hummingbird is growing rapidly. As we do, there will be opportunities for all engineers to take on new roles in product, technology, or people leadership positions
• Report directly to the CTO and partner with them to influence broader technology and security strategy

What we’re looking for:

• 5+ years working in security with experience in AppSec.
• A learning, growth mindset, regardless of level or experience.
• Experience coding in Python, Ruby, and/or Javascript.
• Strong communication skills. You will be working closely with senior engineering teams and will need the ability to influence and educate.
• Passion for what we do! Hummingbird’s mission is to fight financial crime, and we center our work around enabling our clients to catch the bad guys.
• Someone who knows what good looks like - our ideal candidate has strong opinions, loosely held, on how to build, scale, and own an information security practice area
• Ideally you've worked both in security and as a systems/software engineer. We need you to bridge the gap.
  Experience working in the enterprise SaaS world is a plus, but certainly not required.

Technologies we use and teach:

• Ruby/Rails
• React, JavaScript, TypeScript, d3
• AWS, PostgreSQL, Redis, ElasticSearch