Staff Security Engineer (Cryptography)
Remote / Full Time
Zoom is looking for a Staff Security Engineer (Cryptography) to join our Security team, reporting to our Head of Security Architecture. You will oversee the design, review, and implementation of encryption primitives for Zoom video and meeting applications.
You will be a trusted advisor to engineering teams, delivering architecture guidance, leading proof of concept implementation, and assisting in implementations of crypto-related features. This is a unique, exciting opportunity to work on and learn about the latest and greatest technologies in the cloud, security, and cryptography.
You will provide guidance and expertise in crypto design, implementation, and validation to engineering teams across the company.
Conduct threat modeling, architecture review, security code review, security assessment for crypto-related features and common vulnerabilities, such as Remote Code Execution (RCE), Privilege Escalation, misconfiguration, and other OWASP top 10 vulnerabilities (SQL injection, XSS, broken access control).
You will review AWS cloud infrastructure, identify gaps in existing AWS cloud security architecture design/configuration, and recommend changes in areas such as authentication, data protection, secret storage, and Key management.
Apply a risk-based approach to help us make the right security decisions and priorities.
You will build PoC or libraries that allow Zoom developers to easily consume crypto services, and assist with integration.
Provide hands-on security training and secure coding best practices to our developers for crypto implementation.
Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements.
Bachelor's degree in Computer Science, Mathematics Cryptography, Cyber Security, Computer or Electrical Engineering (or similar field), and 8+ years in security.
Applied cryptography experience across multiple domains, such as asymmetric and symmetric key encryption algorithms, key management, secure protocols, hash algorithms, and standards such as NIST guidelines for crypto and FIPs.
Understanding of software security architecture and design, threat modeling, security code review, SDLC best practices and mitigations for application security.
Experience implementing crypto-related features in AWS cloud environment, and identifying security gaps in design and configuration.
Experience creating safe crypto implementations in cloud and on-prem environments.
Master's in cryptography, computer science, mathematics, or related field.
Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.
We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
All your information will be kept confidential according to EEO guidelines.
Hear from our leadership team
Browse Awards and Employee Reviews on Comparably
Visit our Blog
Zoom with us!
Find us on social at the links below and on Instagram