Go Enterprise, contact us anytime: email, phone, or chat

  • Staff Product Security Engineer

    Zendesk

    Are you passionate about application security and want to drive security into products across an entire platform of products? Do you enjoy the challenge of designing creative solutions to tough problems? Are you excited about securing the newest technology including the public cloud, containerization and GraphQL? Can you thrive in a dynamic team where our 150k+ customers count on us for protecting their data?

Description

Are you passionate about application security and want to drive security into products across an entire platform of products? Do you enjoy the challenge of designing creative solutions to tough problems? Are you excited about securing the newest technology including the public cloud, containerization and GraphQL? Can you thrive in a dynamic team where our 150k+ customers count on us for protecting their data? If so, you might be a perfect fit for Zendesk’s Product Security Team! At Zendesk, we believe that security is everyone’s responsibility and that security decisions should be simple. When our customers or employees face options, we strive to make the secure option the easiest way of achieving their goals. Our Product Security team develops processes and builds tools that allow our Engineering team to make the right, secure decisions for our customers. We partner with our engineers to prioritize security during the entire software development process and provide tools and programs to do so including, but not limited to, a mature bug bounty program, Security Champions program, security reviews, static/dynamic testing tooling and vulnerability management.

Our awesome team

Our team is globally distributed with team members from different cultures and backgrounds. This gives us a diversity of opinions and experience, enabling us to see problems from many different perspectives and design the best solutions to tough problems. Our Product Security team members are always learning and growing their capabilities and skill sets. Your manager, Scott, empowers team members by supporting them when they need help and striving to coach rather than command. The goal is to always be growing and to do that you will continuously face new challenges and take on new opportunities to learn. Scott enjoys gardening, home brewing and video games, but would really like to hear what you are passionate about - aside from application security, of course!

What you’ll do as a Staff Product Security Engineer

Be the global lead of the Security Engagement program to guide engineers through the threat modeling process and scale our program around the world.

Guide and inspire developers across Zendesk to build security into their products and features from the very beginning.

Tackle projects to build out new capabilities to increase the scope and effectiveness of our team through process improvement and automation.

Mentor junior staff on security fundamentals, risk management and vulnerabilities.

Share in the execution of our Security Champions program to nurture a security culture and to help our engineers improve their security posture.

Assist in the vulnerability management process including triaging identified vulnerabilities and tracking them through the vulnerability lifecycle.

Be the voice of Zendesk Security while responding to customer security questions and issues.

Support incident response efforts as needed and work with teammates to investigate them.

What you need to succeed

At least 5 years of application security experience, plus experience mentoring junior staff.

Knowledge of modern web applications, frameworks and technologies - including their security threats and vulnerabilities.

An understanding of the threat modeling process and how to efficiently scale this with automation and taking a risk based approach to prioritize resource utilization.

Ability to design creative solutions to problems.

Outstanding verbal and written communication skills.

Programming experience (Ruby, Python, Scala, Golang, Node.js, Ember.js, or React is a plus) - please send us your GitHub/Bitbucket account or any other examples of projects, if available.

Experience securing large Amazon Web Service deployments.

Penetration testing experience/ability to verify common web vulnerabilities.

Ability to work on multiple projects/tasks at once - balancing and prioritizing work appropriately.

Experience with agile development processes, working in a fast-paced environment with continuous integration.

Bachelor's degree in Computer Science or other relevant focus of study.

Security certifications are a plus such as OSCP, GWEB, GPEN, GWAPT, CEH, CISSP, GSEC, etc

#LI-BB3


Responsibilities

  • Be the global lead of the Security Engagement program to guide engineers through the threat modeling process and scale our program around the world.
  • Guide and inspire developers across Zendesk to build security into their products and features from the very beginning.
  • Tackle projects to build out new capabilities to increase the scope and effectiveness of our team through process improvement and automation.
  • Mentor junior staff on security fundamentals, risk management and vulnerabilities.
  • Share in the execution of our Security Champions program to nurture a security culture and to help our engineers improve their security posture.
  • Assist in the vulnerability management process including triaging identified vulnerabilities and tracking them through the vulnerability lifecycle.
  • Be the voice of Zendesk Security while responding to customer security questions and issues.
  • Support incident response efforts as needed and work with teammates to investigate them.

Details

  • Travel No travel
  • Incentives Stock options
  • Clearance & Citizenship U.S. Citizenship
  • Remote Work Full remote okay
  • Education Bachelors Degree
  • Salary Range 150-170K

Join NinjaJobs!

Registered users get the benefit of full listing views, searches, posting options and more!

Company Ratings powered by

  • 4.4

    Overall Rating - Very Satisfied


  • Culture and Values 4.1
  • Work/Life Balance 4.3
  • Senior Management 3.7
  • Comp and Benefits 4.1
  • Career Opportunities 3.8