Senior Security Engineer

Job Expired

Work Styles at Zoom

In most cases, you will have the opportunity to choose your preferred working location from the following options when you join Zoom: in-person, hybrid or remote. Visit this page for more information about Zoom’s Workstyles.

About Us

Zoomies help people stay connected so they can get more done together. We set out to build the best video product for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars.

We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

Job Description: Conduct threat modeling, architecture review, security code review, security assessment, penetration testing (web application, native application, web services, cloud-based services, and infrastructure assessments). Perform cloud infrastructure review from a security perspective; the primary focus will be on AWS and many of its common service components such as S3, IAM, EC2, VPC. Perform in-depth security review of new Zoom features. This includes identifying security vulnerabilities (OWASP top ten, common issues in NVD, RCE), reviewing code in Java or C++, verifying security posture through pen-test (using manual/automated techniques with tools like Kali Linux, Burp suite, Checkmarx, WebInspect). Identify gaps in existing cloud security architecture design/configuration and recommend changes (authentication, authorization, network segmentation, container configuration, bastion host setup). Partner with engineering and operation teams to integrate mitigation controls into continuous integration, delivery and deployment processes. Work on essential areas to develop security baseline for

cloud, container, and application and integrate it into the CI/CD pipeline. Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements (NIST controls, SOC2).

Minimum Education & Experience Requirements: Master’s degree in Computer Science, Information Science, Cyber Security, Computer or Electrical Engineering, a related field, or a foreign equivalent plus 2 years of post-baccalaureate experience in job offered or related occupation. In lieu of the Master’s degree plus 2 years of experience, Employer is willing to accept a Bachelor’s degree in Computer Science, Information Science, Cyber Security, Computer or Electrical Engineering, a related field, or a foreign equivalent, plus 5 years of progressively responsible post-baccalaureate experience in the job offered or related role. Applicants must have 2 years of experience (5 years of experience in possession of a relevant Bachelor’s Degree) in: (1) penetration testing in different environments, including web application, native application, network/distributed systems, and cloud infrastructure including AWS; (2) software security architecture and design review, threat modeling, security code review, SDLC; (3) working with native or IoT applications; (4) discovering critical vulnerabilities including RCE and document vulnerability; (5) providing reproduction steps and remediation guidelines; (6) working with AWS and common service components within AWS; (7) Identifying security gaps in the design and configuration issues in AWS individual components; and (8) network and application security (OWASP), infrastructure hardening, security baselines, web server, container and database security. Telecommuting Available.

Company Name: Zoom Video Communications, Inc.

#LI-DN

We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone’s perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.

We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law. If you need any assistance or accommodations due to a medical condition, or if you need assistance accessing our website or completing the application process, please let us know by emailing us at [email protected].

At Zoom, we care about our employees, their families, and their well-being. As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. To view our benefits, click here.

More Information

  • This job has expired!
Share this job

Zoom

(0)

13th Anniversary Global InfoSec Awards for 2025 now open for super early bird packages! Winners Announced during RSAC 2025...

X