Senior Security Engineer - Product Security

| Remote
Sorry, this job was removed at 8:55 a.m. (MST) on Saturday, April 16, 2022
Find out who’s hiring remotely
See all Remote jobs
Easy Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

All roles at JumpCloud are Remote unless otherwise specified in the Job Description.


About JumpCloud

JumpCloud’s mission is to Make Work Happen®, providing simple, secure access to corporate technology resources from any device, or any location. The JumpCloud Directory Platform gives IT, security operations, and DevOps a single, cloud-based solution to control and manage employee identities, their devices, and apply conditional access controls based on Zero Trust principals. Since launching in 2012, our global user base has grown to more than 150,000 organizations, with more than 5,000 paying customers including Cars.com, GoFundMe, Grab, ClassPass, Uplight and Peloton. JumpCloud has raised over $400M from world-class investors including Sapphire Ventures, General Atlantic, Sands Capital, Atlassian, and CrowdStrike. Our teams are growing fast, too, and we're looking for talent across engineering, sales, customer success, marketing, product management, and more. Join our team of dedicated, passionate, and creative people who are eager to change the IT industry forever.


About the Role: 


JumpCloud is looking for a Senior Security Engineer - Product Security to enhance the security posture of our software through domain expertise and hands-on collaboration with product and engineering teams.


You will be someone JumpCloudians across the company depend on and trust to help them build secure and reliable systems. You will be designing and developing innovative security solutions for ensuring our developers build secure products.


You’ll set the vision and strategy for how we securely author and maintain our software. You will be pivotal in driving secure coding and SDLC efforts, code reviews, architecture and design reviews, and threat modeling.


You will be expected to partner closely with product and engineering teams to drive vulnerability remediation, help make design decisions, and consult on new functionality.

You'll be playing a key role in keeping JumpCloud secure and compliant – bringing security to our company's forefront.


Most importantly, you will become a critical member of the team responsible for ensuring the integrity of JumpCloud’s products and keeping JumpCloud’s users safe.

Responsibilities and Duties:

  • Perform security reviews and produce threat models for products and new features
  • Define and evangelize secure coding practices
  • Build security into our SDLC and integrate into our delivery pipelines
  • Qualify findings from penetration tests, responsible disclosure programs, static analysis, and other discovery methods
  • Present findings and explain the impact and recommended solutions to any level of leadership and other engineers
  • Work with software engineers to analyze security vulnerabilities and follow through with issues until resolution
  • Build automation and tools to improve security aspects of code quality, SAST, DAST, and QA testing processes
  • Prototype and evangelize hardened frameworks or libraries to ensure the right way is the easy way

Qualifications and Skills:

  • Substantial knowledge of common web application attacks and defense strategies (e.g., the OWASP Top 10, critical controls, and CWE Top 25). Proficient in detection, exploitation, and prevention of security vulnerabilities.
  • Experience in application-level vulnerability testing
  • Practical experience with multiple programming languages (e.g., Python, Ruby, Java, JavaScript, Golang)
  • In-depth technical knowledge and professional experience with software development, service identity and authentication methodologies, and applied cryptography
  • Familiarity with containerization and protecting cloud-native architectures
  • Minimum of 5 years of experience with any combination of the following: penetration testing, threat modeling, secure software development, application security, product security
  • Understand the people aspects of security and enjoy collaborating with others to build secure things

In accordance with the Colorado Equal Pay for Equal Work Act, the approximate annual compensation range for this role, depending on individual candidate level and experience, is $140,000 to $175,000, including base salary and any related bonuses or commissions. JumpCloud provides a comprehensive benefits package, with several medical plans to choose from including a high deductible HSA plan with employer contribution, two dental plans, vision insurance, flexible spending account (FSA), employee assistance program (EAP), short- and long-term disability, life insurance and a 401k savings plan with match. We have an unlimited vacation policy.


#LI-JW1


Where you’ll be working/Location:

JumpCloud is committed to being Remote First, meaning that are you able to work remotely within the country noted in the Job Description.


For US Roles: All roles posted in United States locations do require that you be located within one of the 50 U.S. States. Our Headquarters is in the Denver/Boulder, CO area but as a remote company, you are able to work remotely anywhere in the U.S. If you would like to spend time in the office in Denver/Boulder area, you are welcome do that as well.


Why JumpCloud?  

If you thrive working in a fast, SaaS-based environment and you are passionate about solving challenging technical problems, we look forward to hearing from you! JumpCloud is an incredible place to share and grow your expertise! You’ll work with amazing talent across each department who are passionate about our mission. We’re out of the box thinkers, so your unique ideas and approaches for conceiving a product and/or feature will be welcome. You’ll have a voice in the organization as you work with a seasoned executive team, a supportive board and in a proven market that our customers are excited about.


One of JumpCloud's three core values is to “Build Connections.” To us that means creating " human connection with each other regardless of our backgrounds, orientations, geographies, religions, languages, gender, race, etc. We care deeply about the people that we work with and want to see everyone succeed." - Rajat Bhargava, CEO


Please submit your résumé and brief explanation about yourself and why you would be a good fit for JumpCloud. Please note JumpCloud is not accepting third party resumes at this time.


JumpCloud is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. 


#LI-Remote

Read Full Job Description
Easy Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • C++Languages
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • PowerShellLanguages
    • Node.jsFrameworks
    • VueFrameworks
    • MongoDBDatabases
    • PostgreSQLDatabases
    • AWS (Amazon Web Services)Services
    • GitHubServices
    • Google CloudServices
    • Google AnalyticsAnalytics
    • FigmaDesign
    • MiroDesign
    • PhotoshopDesign
    • ConfluenceManagement
    • Google DriveManagement
    • Google DocsManagement
    • Google SlidesManagement
    • JIRAManagement
    • Monday.comManagement
    • WordpressCMS
    • DocuSignCRM
    • DriftCRM
    • LinkedIn SalesNavigatorCRM
    • OutreachCRM
    • SalesforceCRM
    • Salesforce CPQCRM
    • Salesforce PardotCRM
    • SendGridEmail
    • MarketoLead Gen

Location

Our HQ is located between Denver and Boulder. Since we're remote first with employees in most U.S. states and 14 countries, we use the office as a hub to bring people together for team events and meetings.

An Insider's view of JumpCloud

What’s the vibe like in the office?

A key trait for us is having an open, positive mind. We believe that taking the road less travelled - or at least exercising that path - will create new, different, and interesting ideas. We ask our teams to always consider the outside-of-the-box solution to a problem and encourage them to try those creative ideas.

Aaron

VP of People

What projects are you most excited about?

Growth! JumpCloud is actively growing in Denver/Boulder and across the U.S. Attracting and engaging a diverse group of talent as we continue to expand is my main focus. JumpCloud has a strong culture of learning, so we're always looking at what we're doing and adjusting to make it even better.

Katy

Manager, People Attraction

What makes someone successful on your team?

My team members feel empowered to create, design and execute with a lot of freedom at JumpCloud. This enables them to take an active role in their career development and the development of other team members at JumpCloud.

Courtney

Manager, Learning and Development

How do you make yourself accessible to the rest of the team?

I'm available pretty much anytime via email, Slack, phone, in person. More than the communication vehicles and time, I really like to dig in on projects with our teams. By working on important issues together as just another voice or hand to help, I think that helps the team feel that I'm accessible to them and there to help.

Rajat

CEO

How do you make yourself accessible to the rest of the team?

One of the core roles in our engineering group is called pathfinder. They are constantly looking at different areas of our product and future plans and coming up with innovative new ways to achieve these. These engineers lead sessions with cross-functional teams on how to leverage their innovations for competitive advantage in the marketplace.

Rajat

CEO

What are JumpCloud Perks + Benefits

JumpCloud Benefits Overview

JumpCloud offers comprehensive benefits package as well as many perks to enhance the employee experience! We offer everything from Flexible PTO policy, we are a Remote First company, meaning you could live next to the office and we'd never force you to come in, medical, vision, dental, life, accident insurance, legal perks, identity protection, professional development opportunities, a growing DEI&B program with ERG's, casual work environment, and more!

Culture
Partners with nonprofits
We partner with educational opportunities like the Turing School to provide support for early-career and underrepresented students interested in careers in software development and technology.
Open door policy
OKR operational model
Team based strategic planning
Pair programming
Open office floor plan
Flexible work schedule
Remote work program
JumpCloud is remote first, you are never required to come to the office (but you can if you want to)!
Diversity
Documented equal pay policy
Dedicated diversity and inclusion staff
Highly diverse management team
JumpCloud's management team is as diverse as our individual contributors and our executive staff is committed to DEI&B initiatives across the company.
Mandated unconscious bias training
Our unconscious bias training includes culture add vs fit, recency effect, halo/horns effect, like us bias, primacy effect, confirmation bias, and contrast effect and includes strategies to address
Mean gender pay gap below 10%
Diversity employee resource groups
Our ERG's include CloudPride (LGBTQIA+), BlackSpace (Black, Indigenous, and People of Color), WIT (Womxn in Tech), and Pa'lante (Latiné/Hispanic)!
Hiring practices that promote diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
JumpCloud employees can contribute up to $2850.00 annually to their FSA.
Disability insurance
Dental insurance
JumpCloud has two different dental plans to choose from.
Vision insurance
Health insurance
JumpCloud offers three different medical plans including an HSA plan where JumpCloud contributes to employees HSA accounts each paycheck (amount varies based on plan). Healthcare coverage starts day 1
Life insurance
JumpCloud offers group life benefits and a variety of voluntary life insurance options.
Wellness programs
JumpCloud offers a premium subscription to the Calm app for each employee!
Mental health benefits
JumpCloud offers an EAP (Employee Assistance Program) at no cost to the employee. Our medical benefits include coverage of mental health/wellness.
Transgender health care benefits
Wellness days
Abortion travel benefits
JumpCloud's employee healthcare benefits include expanded medical travel coverage. Medical travel coverage is available when there is no provider located within 100 miles of an employee's home.
Financial & Retirement
401(K)
In addition to 401k, meet with a personal financial consultant to assist with financial wellness planning. This benefit is provided at no cost to team members and includes unlimited 1:1 sessions.
401(K) matching
JumpCloud matches 50% of employee's contributions up to 6%.
Company equity
Child Care & Parental Leave Benefits
Childcare benefits
JumpCloud offers a dependent care FSA option, where employers can set aside pre-tax dollars for child care or other dependent care.
Generous parental leave
Family medical leave
Return-to-work program post parental leave
Vacation & Time Off Benefits
Generous PTO
JumpCloud offers an unlimited PTO program to our team members.
Paid holidays
Paid sick days
We have Unlimited Paid Time Off which includes both vacation and sick time.
Flexible time off
Office Perks
Company-sponsored outings
Free snacks and drinks
Company-sponsored happy hours
Onsite office parking
Professional Development Benefits
Job training & conferences
Lunch and learns
Promote from within
Mentorship program
Online course subscriptions available
Paid industry certifications

Additional Perks + Benefits

JumpCloud is always evaluating and listening to our employees to offer the most beneficial benefits for JumpCloudians!

More Jobs at JumpCloud

Easy Apply
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about JumpCloudFind similar jobs like this