Senior Security Engineer

Job Description

Conduct threat modeling, architecture review, security code review, security assessment, penetration testing (web application, native application, web services, cloud-based services, and infrastructure assessments). Perform in-depth security review of new Zoom features. This includes identifying security vulnerabilities (OWASP top ten, common issues in NVD, RCE), reviewing code in Java or C++, verifying security posture through pen-test (using manual/automated techniques with tools like Kali Linux, Burp suite, Checkmarx, WebInspect). Perform cloud infrastructure security reviews; the primary focus will be on AWS and many of its common service components (S3, IAM, EC2, VPC). Document security best practices, develop tools, libraries, scripts or customize existing tools to automate security vulnerability detection and remediation. Identify gaps in existing cloud security architecture design/configuration and recommend changes (authentication, authorization, network segmentation, container configuration, bastion host setup). Partner with engineering and operation teams to integrate mitigation controls into continuous integration, delivery and deployment processes. Work on areas to develop security baseline for cloud, container, and application and integrate into the CI/CD pipeline. Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements (NIST controls, SOC2).

Minimum Education & Experience Requirements:

Requires a Bachelor's degree in Computer Science, Information Assurance/Security, Cyber Security, Computer Engineering, Electrical Engineering, a related field, or a foreign equivalent. Must have 4 years of experience in the job offered or related occupation. Must have 4 years of experience in software security architecture and design review; Threat Modeling; Security Code Review; SDLC; Best practices and mitigations for application security; AWS security; Penetration Testing; and in range of security technologies including VPC, IAM, KMS, etc. in AWS.

OR

Requires a Master's degree in in Computer Science, Information Assurance/Security, Cyber Security, Computer Engineering, Electrical Engineering, a related field, or a foreign equivalent. Must have 2 years of experience in the job offered or related occupation. Must have 2 years of experience in software security architecture and design review; Threat Modeling; Security Code Review; SDLC; Best practices and mitigations for application security; AWS security; Penetration Testing; and in range of security technologies including VPC, IAM, KMS, etc. in AWS.

Telecommuting work arrangement permitted: position may work in various unanticipated locations throughout the U.S. Position does not require domestic or international travel.

Company Name: Zoom Video Communications, Inc.

#LI-DNI

Salary Range or On Target Earnings

Minimum

$212,750.00

Maximum

$259,500.00

In addition to the base salary and/or OTE listed Zoom has a Total Direct Compensation philosophy that takes into consideration; base salary, bonus and equity value.

Information about Zoom's benefits is on our careers page here (~~~) .

Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience.

We also have a location based compensation structure; there may be a different range for candidates in this and other locations.

Ways of WorkingOur structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting.

BenefitsAs part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn (~~~) for more information.

About UsZoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom ~~~'re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you'll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

Our Commitment?We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.

We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law.

If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form (~~~) and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed.

Good news - this job posting is more like a marathon, not a sprint, so it could be available for a while! We're on the lookout for awesome folks to join Zoom in various similar roles. No need to rush, just hit us up whenever you're ready to apply. We're always keeping an eye out for amazing talent!