Security Engineer

About the Role

The Security Architecture team at Zoom is dedicated to releasing and deploying secure products. You will work closely with diverse engineering, compliance, and DevOps teams across the organization to meet security goals and maintain compliance with established SLAs.

What You Will Do

• Guide engineering teams in end-to-end secure system design and implementation
• Conduct threat modeling, architecture review, security code review, security assessment, and security testing for various applications and services
• Perform cloud infrastructure reviews from a security perspective, focusing on AWS permissions and configuration issues
• Identify gaps in existing cloud security architecture design/configuration and recommend enhancements
• Provide hands-on security training and secure coding best practices to engineering teams
• Collaborate with cross-functional teams to design and implement secure solutions
• Stay up-to-date with the latest security technologies and trends
• Develop and maintain security documentation and guidelines
• Participate in security audits and compliance activities
• Identify and mitigate potential security risks and vulnerabilities

What We Are Looking For

• Bachelor's degree in Computer Science, Information Science, Cyber Security, Computer or Electrical Engineering (or similar field)
• 5+ years of experience in security, with extensive experience in security testing and assessing the security posture of web applications, native applications, distributed systems, and cloud infrastructure
• Solid understanding of software security architecture, design, threat modeling, secure code review, cryptography, and the SDLC
• Ability to clearly communicate best practices and effective mitigations for application security
• Hands-on security experience working with AWS and common service components within AWS
• In-depth knowledge of network-based, system-level, and application-layer attacks and mitigation methods
• Good knowledge of technology and security topics, including network and application security, infrastructure hardening, security baselines, web server, database security, and applied cryptography
• Development experience in one or more programming languages, such as Java

Nice to Have

• Experience with security frameworks and compliance standards (e.g., OWASP, HIPAA)
• Knowledge of cloud security technologies and solutions (e.g., IAM, S3)
• Familiarity with security testing tools (e.g., Burp Suite, Coverity)
• Certification in security or a related field (e.g., CISSP, CEH)
• Experience with agile development methodologies

Benefits and Perks

• Competitive salary and benefits package
• Opportunity to work with cutting-edge cloud and security technologies
• Collaborative and dynamic work environment
• Flexible and remote work arrangements
• Professional development and growth opportunities
• Access to the latest security tools and technologies
• Comprehensive health insurance and wellness programs
• Generous paid time off and vacation policy
• Equity and stock options
• Retirement savings plan
• Employee assistance programs

• Develop a strong portfolio showcasing your experience in security engineering, including examples of secure system design and implementation.
• Familiarize yourself with Zoom's products and services, and be prepared to discuss how you can contribute to their security.
• Highlight your experience with cloud security technologies and solutions, such as AWS and IAM.
• Prepare to discuss your approach to threat modeling, secure code review, and security testing.
• Be ready to provide examples of how you have identified and mitigated potential security risks and vulnerabilities in previous roles.
• Show your passion for staying up-to-date with the latest security technologies and trends, and be prepared to discuss how you stay current in the field.
• Consider obtaining certifications in security or related fields to demonstrate your expertise and commitment to the field.