Security Engineer- Platform Security- Workvivo

at  Zoom Video Communications Inc

YOU WOULD BE A GOOD FIT IF YOU

• Have very strong experience fixing security vulnerabilities
• Are a strong programmer (ideally Laravel, PHP, Go), though these languages are not a pre-requisite. You should be able to consume these frameworks and languages easily.
• Have excellent attention to detail
• Have a strong sense of curiosity and ability to focus
• Can go well beyond understanding low hanging fruit as a vulnerabilities such as HTTP Headers, CSP and so on
• Can comfortably explain differences between encryption, hashing and associated use cases
• Have good knowledge of AWS
• Are able to critically analyse Vulnerability & Penetration test reports from external partners and customers
• Have experience (and are comfortable) with any relevant programming language, and willingly to tackle Laravel, PHP, Go. Ideally you are very strong with PHP.
• Are comfortable discussing the latest security technology
• Critically challenge security vulnerabilities
  We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone’s perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.
  We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law. If you need any assistance or accommodations due to a medical condition, or if you need assistance accessing our website or completing the application process, please let us know by emailing us at careers@zoom.us.
  At Zoom, we care about our employees, their families, and their well-being. As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways.

WAYS OF WORKING

Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting.

ABOUT US

Zoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars.
We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

• Fix the vulnerabilities discovered by the Offensive security team (Web App, Mobile App, APIs, AWS infrastructure)
• The responsibilities at the core of this role are about preventing, fixing, or mitigating vulnerabilities associated with the Workvivo platform and associated infrastructure
• The role will require coding from a security perspective, you will be expected to code in Laravel, PHP and Go.
• The role will also be responsible for the Security control plane of the Workvivo Platform, including authentication, authorization, audit, session management etc
• You will work within Workvivo’s / Zoom’s internal security team
• Working daily with the Security, AWS Infrastructure & Application engineering teams
• Overall the team has responsibilities for Security, Scalability and Stability. You will work within the security responsibility of the team
• Contribute to improving the security controls associated with the Workvivo platform including the Workvivo App, Administration App and AWS Infrastructure.
• Introduce and code automated security solutions
• Contribute to improving security across Workvivo & Zoom, including feeding into the Engineering Security training program.
• Participate in Security training for Engineers, presenting discovered vulnerabilities and associated solutions.
• The role has scope to work cross functionally within Zoom Security, e.g. Bug Bounty, Incident Response, SOC, Vulnerability Management etc.