Senior Security Vulnerability Management Engineer at Zoom Video Communications

Sorry, this job was removed at 4:39 a.m. (MST) on Wednesday, March 9, 2022
Find out who’s hiring remotely
See all Remote jobs
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Work Styles at Zoom
In most cases, you will have the opportunity to choose your preferred working location from the following options when you join Zoom: in-person, hybrid or remote. Visit this page for more information about Zoom's Workstyles .
Senior Security Engineer - Threat & Vulnerability Management Team (TVM)
Zoomies help the world connect - and deliver happiness while doing it. We set out to build the best video conferencing product for the enterprise, and today help people communicate better with products like Zoom Phone, Zoom Rooms, Zoom Video Webinars, Zoom Apps, and OnZoom.
We're problem-solvers and self-starters, working at a fast pace to design solutions with our customers and users in mind. Here, you'll work across teams to dig deep into impactful projects that are changing the way people communicate, and enjoy opportunities to advance your career in a diverse, inclusive environment.
Can you explain the difference between an injection attack versus the risk of using weak cryptographic ciphers? Can you maintain golden images without vulnerable components? Do you want to help protect infrastructure used by millions of Zoom users every day?
At Zoom, we are seeking a Senior Security Engineer to join the Threat and Vulnerability Management (TVM) team. This role will be instrumental in developing and sustaining a high level of security posture across the Zoom infrastructure and further expanding the Threat and Vulnerability Management program. This person will primarily focus on Zoom's approach to automated scanning and detection of web application and container vulnerabilities, and will work closely with asset owning partners across Zoom to inform and influence the remediation of vulnerabilities within defined timelines. This position will also provide updates to leadership regarding scanning results, compensating controls, and remediation plans.
  • Independently analyzes results from internal and external vulnerability scans and is charged with using experience and skills to prioritize risk-based remediation plans.
  • Articulate vulnerabilities and associated potential risk in context to system or asset
  • Review current container / web application usage and assess for threats and vulnerabilities in production environments
  • Triage and formulate remediation plans and/or compensating controls together with appropriate timelines following vulnerability scans using input from system owners.
  • Autonomously analyzes and implements optimal settings and configurations to perform vulnerability scans of networks, operating systems, applications, containers, cloud resources, and other information systems.
  • Ensure web application scanning meets needs of both internal and external security standards
  • Sets proper scan time frames to avoid service interruption, ensuring complete and accurate results are achieved.
  • Coordinate with application owners and Detection & Response teams to avoid loss of service and/or unwarranted incident responses
  • Validate and drive vulnerability remediation of discovered vulnerabilities.
  • Develop tools, documentation, processes, and techniques to assist in remediation of security

  • Customize cloud compliance tools to meet operational, audit and risk based needs
  • Respond to security incidents, intervene as necessary to protect company assets
  • Effectively recognize threats by performing relevant research and data analysis.
  • Ability to work extended or non-traditional hours on occasion to support emergency situations.
  • Perform other duties as needed.

  • At least 7 years experience in security required
  • 3+ years of experience with container scanning implementations and operations
  • 3+ years of experience with Web Application Scanning implementations and operations
  • Hands-on knowledge of information security technologies such as infrastructure hardening, security baselines, web server, database security, risk analysis, etc.
  • Strong knowledge or experience with container scanning tools such as Prisma Cloud or equivalent implementations
  • Strong knowledge or experience in working with and/or managing vulnerability scanners such as Qualys, Tenable, or equivalent scanning solutions Knowledge of vulnerability management frameworks and concepts such as CVE and CVSS
  • Strong organization, analytical and communications skills are required
  • Deep understanding of OWASP Top 10, and specifically A06:2021 Vulnerable and Outdated Components
  • Having a Prisma Certified Cloud Security Engineer certification or equivalent
  • Knowledge or experience with container management tools such as Docker, Amazon ECS, Kubernetes or equivalent implementations
  • Knowledge of desktop, server, and mobile operating systems
  • Knowledge of multiple cloud computing providers such as AWS, OCI, etc.
  • Experience with a scripting language (Perl, Python, or other)
  • Experience with a database and/or querying language
  • Understanding of cryptography and its implementation (key management, etc).
  • Ability to plan, organize, prioritize, work independently and meet deadlines.
  • This is a remote position in the U.S.

We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.
We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law. If you need any assistance or accommodations due to a medical condition, or if you need assistance accessing our website or completing the application process, please let us know by emailing us at [email protected] .
Zoom requires all U.S. employees who will work in person at a Zoom office, attend in-person Zoom meetings or have in-person customer meetings to be fully vaccinated. Zoom will consider requests for reasonable accommodations for religious or medical reasons as required under applicable law.
Explore Zoom:
  • Hear from our leadership team
  • Browse Awards and Employee Reviews on Comparably
  • Visit our Blog
  • Zoom with us!
  • Find us on social at the links below and on Instagram
  • View more jobs, sign up for job alerts and join our talent community. Visit the Zoom careers site .
Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Sales & Marketing
    • .NETLanguages
    • C#Languages
    • C++Languages
    • JavaLanguages
    • JavascriptLanguages
    • PerlLanguages
    • PythonLanguages
    • RubyLanguages
    • ScalaLanguages
    • SqlLanguages
    • Shell/BashLanguages
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • AngularJSFrameworks
    • DjangoFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • SpringFrameworks
    • CassandraDatabases
    • HiveDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • OracleDatabases
    • PostgreSQLDatabases
    • AWSDatabases
    • SalesforceCRM
    • ClariCRM
    • OutreachEmail
    • KnowledgeTreeEmail


We are located North of the DTC area. Just a short drive away you can find trendy restaurants, bars, and the Cherry Creek Reservoir!
The United We Tech Series: The Zoom Episode

An Insider's view of Zoom Video Communications

What’s the vibe like in the office?

This office is fun, driven, smart, and happy. We’re proud of each other, our product, and how we work hard to make our customers happy and cared for.


Developer Advocate

What projects are you most excited about?

Right now, I’m most excited about optimizing our enablement programs at Zoom. As our team grows, it’s vital that we scale our programs and processes thoughtfully to ensure every Zoomie feels comfortable, confident, and equipped for success in their role. Watching individuals evolve as Zoom experts is both fun and fulfilling!


Customer Success Operations Manager

How has your career grown since starting at the company?

In my year and a half at Zoom, I’ve had the privilege of moving from a BDR, to a Team Lead, to an Account Executive. Through each step, my manager was transparent, approachable & committed to my own professional growth. Zoom recognizes that not all career paths are the same, and each manager takes an individual approach to identify what drives you.


Small/Medium Business Account Executive

How do you empower your team to be more creative?

One of the things I love about Zoom is the trust they have in me that allows me to be creative. Being a leader at Zoom I'm able to watch my team collaborate and teach each other. For me that's creativity. People with different ideas and experiences working together with one purpose. By empowering people to be creative you open the door to success.


SMB VAST Sales Manager

What makes someone successful on your team?

Teamwork is in our day to day, not only with other BDRs, where each can provide different points of view in a situation, but also with the Account Executives that are an indispensable guide to succeed when looking for new clients.


Business Development Rep.

What are Zoom Video Communications Perks + Benefits

Zoom Video Communications Benefits Overview

Zoom offers a wide range of benefits and perks to ensure our employees feel supported, enriched and cared for including free books, a wellness credit of $300 per month, and a multitude of Zoom-sponsored activities and celebrations to help you Work Happy.

To deliver this happiness to our employees, Zoom employs above-market and progressive compensation programs. At Zoom, we believe this is achieved through analyzing total direct compensation holistically. We offer all employees equity, allowing them to become owners who are vested in and benefit from the long-term success of the company.

Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
The Happy Crew is comprised of around 150 volunteers globally that deliver happiness internally to Zoom Employees!
Open door policy
Open office floor plan
Dedicated Diversity/Inclusion Staff
Diversity Employee Resource Groups
Employee Resource Groups include Veterans and [email protected] with more on the way!
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Wellness Programs
Onsite Gym
Mental Health Benefits
Retirement & Stock Options Benefits
Company Equity
Employee Stock Purchase Plan
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Child Care Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Adoption Assistance
Company sponsored family events
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Free Daily Meals
Game Room
Stocked Kitchen
Some Meals Provided
Happy Hours
Recreational Clubs
Relocation Assistance
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Promote from within
Mentorship program

Additional Perks + Benefits

Zoom listens to its employees. We’re growing and want our employees to be as happy as possible. One way we deliver this happiness is by continually building our benefits programs to best fit the wants and need of our employees. We also hold monthly Zoom Meetings with the whole company and our CEO Eric Yuan himself addresses questions or concerns submitted by employees. If you want to feel heard and appreciated join us in our ever evolving company and product!

More Jobs at Zoom Video Communications

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Zoom Video Communications's full profileSee more Zoom Video Communications jobs