Principal Security Engineer at Zipwhip
We are one of the main reasons it’s possible to text with a business today. Zipwhip was the first company to enable texting on existing business phone numbers, and we are now the world’s leading business-texting software and API provider. More than 35,000 companies use us to increase customer engagement and drive growth through texting on their existing landline, VoIP or toll-free phone number. Intuitive cloud-based software, an enterprise-grade API and direct network connectivity mean businesses can use any computer or mobile device to securely and reliably reach their customers, every time.
Our strong venture backing allows us to aggressively invest in our product, technology and team; we’ve received nearly $100 million in funding from the likes of Goldman Sachs, M12 (Microsoft Ventures) and OpenView. We are consistently ranked one of Washington’s fastest-growing workplaces, and were voted the 6th best place to work in the state by Seattle Business magazine and The Puget Sound Business Journal in 2019.
Every day we work to uphold our core DIRECT values: Determination, Innovation, Respect, Enthusiasm, Collaboration and Trust. We know that we’ll build better products if we have a diverse and inspired team that’s encouraged to make mistakes and experiment.
If you want to be part of a team where you’re supported and empowered to change the way the world communicates, then we’d love to hear from you.
How this role makes an impact:
- You are experienced with security throughout the software development lifecycle. This includes design/spec reviews, threat modeling, code reviews, tool selection, vulnerability scanning, and incident response.
- You have experience in software engineering at a SaaS company. Even though you may not have been coding regularly, you will need to be comfortable reviewing code with software engineers.
- Be familiar with cloud security concepts in AWS, Azure, or GCP.
- Working with infrastructure engineers to deploy cloud security best practices into Kubernetes clusters using automated configuration management tools.
- Drive security best practices and awareness through a partnership with other engineering teams.
- Bring your unique set of diverse experiences and background to our team in an open and collaborative manner so that we can all expand and grow faster.
- You have an open and honest communication style that always puts the customer first “Will the customer be delighted with this?”.
- Be comfortable dealing with ambiguity and a shifting landscape.
- Be curious, willing to learn, share and improve.
What you'll be working on:
- Working closely with software development teams to implement security into everything we build in the development process.
- Constantly evaluate new tools to improve security in our code and products with an ability to build solutions when off-the-shelf software is not available or viable.
- Perform security reviews of detailed engineering specifications and technical design documents.
- Manage security engineering projects from start to end with a variety of stakeholders across the organization.
- Triage security issues and provide recommended fixes. This also includes reviewing and responding to new security threats.
The skills you'll need:
- 5+ years of related security work in a customer facing product or service.
- 10+ years of software development or infrastructure engineering experience.
- Experience building, testing, and deploying code in a CI/CD pipeline (Git, Jenkins, Maven).
- Experience managing projects with a variety of stakeholders in the organization as well as owning the execution.
- Broad exposure to various security disciplines and deep understanding of models behind core security concepts such as data encryption, managing secrets, and vulnerability management.
- Proficiency both in a practical systems programming language and the shell of your choice. We write in Go, Python, and Shell.
- Able to efficiently collect, analyze, and parse several TB of logs across a variety of systems to identify threats, problems, or security anomalies.
- We seek a candidate eager to work across the company as we further our company values of collaboration and trust with other teams. As a security and operations team, we are actively aligned and working with the rest of engineering.
- Working in agile teams or startup environment with strong customer focus.
- Ranked the #6 best workplace in Washington in 2019 from Seattle Business magazine and The Puget Sound Business Journal
- Consistently ranked one of Washington’s fastest-growing companies by Deloitte
- Competitive salary and stock options
- Full benefits package including parental leave, 401k, flexible remote work, generous PTO
- Health benefits including paid maternity and paternity leave, medical, vision, disability and life insurance
- Free on-site (remote for now) weekly yoga and meditation classes hosted by ZUM fitness, and discounted memberships to Soul Fitness and CorePower Yoga
- A brand new office on Elliott Bay with easy beachfront park access which we look forward to returning to post COVID-19 though we maintain a Remote Work Policy.
- Stipend for transportation and cell phone usage
- A culture of transparency and open communication, including a weekly Company update meeting (catered weekly lunch when onsite working) hosted by our CEO
- Values-based leadership and a commitment to building a diverse, equitable, and inclusive Company
Regular and predictable attendance is an essential function of the job.
We are an equal opportunity employer and we value diversity of all kinds. We prohibit discrimination against any applicant or employee based on any legally recognized basis. This includes, but isn’t limited to, race, color, national origin or ancestry, citizenship status, creed, religion, gender identity or expression, sexual orientation, pregnancy, marital status, age, veteran status, disability or any other status protected by federal, state or local law.
We are an E-verify participating employer.