Senior Offensive Security Engineer (Web)
REMOTE / PRODUCT SECURITY / FULL-TIME
Zoom is looking for a Senior Offensive Security Engineer to join our Security team, reporting to our Head of Offensive Security. Zoom Security Engineers are involved in every stage of the SDLC pipeline, from initial design to ongoing penetration testing. Our engineers can identify vulnerabilities in design and implementation, prove and explain these vulnerabilities to others, and provide practical recommendations and steps not just to fix the identified issue, but also to reduce similar occurrences in the future. We're looking for engineers with a variety of knowledge in application security and in-depth skills in one or more areas. Think "red that can lean blue."
Communicate discovered issues (OWASP 10; XSS, CSRF, SSRF, SQLi), how to exploit them, and how to fix them for both technical and nontechnical audiences.
You will work with external researchers through our bug bounty programs to reproduce, score, and further investigate reported issues.
Experience identifying and remediating OWASP 10 vulnerabilities (XSS, CSRF, SSRF, and SQLi).
Command of your preferred pentesting tools and knowledge of how to use them to your advantage (Burp Suite, Kali Linux, Nessus, Metasploit).
Proficiency in one or more programming languages, with the ability to read and understand code written by others well enough to break it.
Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.
We believe that the unique contributions of all Zoomies are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
All your information will be kept confidential according to EEO guidelines.
Given Zoom’s status as a federal contractor, we are subject to President Biden’s Executive Order requiring COVID-19 vaccinations for all US employees. As such, Zoom requires all US employees, including remote employees, to be fully vaccinated. Zoom will consider requests for reasonable accommodations for religious or medical reasons as required under applicable law.