Senior Security Engineer

Zoom • Remote • Posted 30+ days ago

Remote • Full-time • $212,750-$259,500/yr • Senior Level

Job Highlights

Using AI ⚡ to summarize the original job post

The Senior Security Engineer at Zoom will conduct threat modeling, architecture review, security code review, security assessment, penetration testing, and perform in-depth security review of new Zoom features. This role involves identifying security vulnerabilities, reviewing code in Java or C++, verifying security posture through pen-test, and performing cloud infrastructure security reviews, with a primary focus on AWS. The position also includes documenting security best practices, developing tools to automate security vulnerability detection and remediation, and integrating mitigation controls into the CI/CD pipeline.

Responsibilities

  • Conduct threat modeling, architecture review, security code review, security assessment, penetration testing (web application, native application, web services, cloud-based services, and infrastructure assessments).
  • Perform in-depth security review of new Zoom features, identifying security vulnerabilities (OWASP top ten, common issues in NVD, RCE), reviewing code in Java or C++, verifying security posture through pen-test.
  • Perform cloud infrastructure security reviews, focusing on AWS and many of its common service components (S3, IAM, EC2, VPC).
  • Document security best practices, develop tools, libraries, scripts or customize existing tools to automate security vulnerability detection and remediation.
  • Identify gaps in existing cloud security architecture design/configuration and recommend changes.
  • Partner with engineering and operation teams to integrate mitigation controls into continuous integration, delivery and deployment processes.
  • Work on areas to develop security baseline for cloud, container, and application and integrate into the CI/CD pipeline.
  • Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements.

Qualifications

Required

  • Bachelor's degree in Computer Science, Information Assurance/Security, Cyber Security, Computer Engineering, Electrical Engineering, a related field, or a foreign equivalent.
  • 4 years of experience in software security architecture and design review; Threat Modeling; Security Code Review; SDLC; Best practices and mitigations for application security; AWS security; Penetration Testing; and in a range of security technologies including VPC, IAM, KMS, etc. in AWS.
  • OR Master's degree in Computer Science, Information Assurance/Security, Cyber Security, Computer Engineering, Electrical Engineering, a related field, or a foreign equivalent.
  • 2 years of experience in software security architecture and design review; Threat Modeling; Security Code Review; SDLC; Best practices and mitigations for application security; AWS security; Penetration Testing; and in a range of security technologies including VPC, IAM, KMS, etc. in AWS.

About Zoom

Zoom is a video communications company based in San Jose, California. It offers software solutions for video conferencing, online meetings, and webinars, with a cloud-based platform allowing users to connect remotely. Known for its features like screen sharing and virtual backgrounds, Zoom has become a popular choice for personal and business use, achieving market success and global recognition.

Full Job Description

Job Description:

Conduct threat modeling, architecture review, security code review, security assessment, penetration testing (web application, native application, web services, cloud-based services, and infrastructure assessments). Perform in-depth security review of new Zoom features. This includes identifying security vulnerabilities (OWASP top ten, common issues in NVD, RCE), reviewing code in Java or C++, verifying security posture through pen-test (using manual/automated techniques with tools like Kali Linux, Burp Suite, Checkmarx, WebInspect). Perform cloud infrastructure security reviews; the primary focus will be on AWS and many of its common service components (S3, IAM, EC2, VPC). Document security best practices, develop tools, libraries, scripts or customize existing tools to automate security vulnerability detection and remediation. Identify gaps in existing cloud security architecture design/configuration and recommend changes (authentication, authorization, network segmentation, container configuration, bastion host setup). Partner with engineering and operation teams to integrate mitigation controls into continuous integration, delivery and deployment processes. Work on areas to develop security baseline for cloud, container, and application and integrate into the CI/CD pipeline. Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements (NIST controls, SOC2).

Minimum Education & Experience Requirements:

Requires a Bachelor's degree in Computer Science, Information Assurance/Security, Cyber Security, Computer Engineering, Electrical Engineering, a related field, or a foreign equivalent. Must have 4 years of experience in the job offered or related occupation. Must have 4 years of experience in software security architecture and design review; Threat Modeling; Security Code Review; SDLC; Best practices and mitigations for application security; AWS security; Penetration Testing; and in a range of security technologies including VPC, IAM, KMS, etc. in AWS.

OR

Requires a Master's degree in Computer Science, Information Assurance/Security, Cyber Security, Computer Engineering, Electrical Engineering, a related field, or a foreign equivalent. Must have 2 years of experience in the job offered or related occupation. Must have 2 years of experience in software security architecture and design review; Threat Modeling; Security Code Review; SDLC; Best practices and mitigations for application security; AWS security; Penetration Testing; and in a range of security technologies including VPC, IAM, KMS, etc. in AWS.

Telecommuting work arrangement permitted: position may work in various unanticipated locations throughout the U.S. Position does not require domestic or international travel.

Company Name: Zoom Video Communications, Inc.

Salary Range or On Target Earnings:

Minimum: $212,750.00

Maximum: $259,500.00

In addition to the base salary and/or OTE listed, Zoom has a Total Direct Compensation philosophy that takes into consideration base salary, bonus and equity value.

Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience.

We also have a location based compensation structure; there may be a different range for candidates in this and other locations.

Ways of Working

Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting.

Benefits

As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn (https://careers.zoom.us/benefits) for more information.

About Us

Zoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars. We're problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you'll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

Our Commitment

We believe that the unique contributions of all Zoomies are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.

We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law.

If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form (https://form.asana.com/?k=OIuqpO5Tv9XQTWp1bNYd8w&d=1127274756253361) and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed.

Think of this opportunity as a marathon, not a sprint! We're building a strong team at Zoom, and we're looking for talented individuals to join us for the long haul. No need to rush your application - take your time to ensure it's a good fit for your career goals. We continuously review applications, so submit yours whenever you're ready to take the next step.