Convoy is transforming the $800 billion trucking industry, where even 10 years ago, most truck drivers did not have smartphones and paper driver logs were common. In 2015, Convoy launched the digital freight movement with an open and fully connected marketplace for brands and manufacturers to work directly with freight carriers who move truckload shipments throughout the country. This ‘Digital Freight Network’ is powered by machine learning and automation, and supported by a broad, ever-growing set of features that benefit both sides of the marketplace.
We’ve been honored to work with some great companies, such as Unilever, The Home Depot, and Procter & Gamble. We’ve also been backed by world-class investors, including Google, YCombinator, Fidelity, Greylock Generation, Lone Pine, T. Rowe Price, Baillie Gifford and the founders and CEOs of Amazon, Salesforce, eBay, LinkedIn, Expedia, Dropbox, Starbucks, and others. We are proud to have been named a CNBC Disruptor 50 Winner (3x), a Fast Company World Changing Idea, a LinkedIn Top Startup, a Forbes' Best Startup Employer, one of Fortune Magazine's 'Impact 20' list, a best place to work in Washington State, a BloombergNEF Pioneer winner, and more.
This is your opportunity to collaborate with an incredible group of people and help transform the freight industry. Join Convoy and help us transport the world with endless capacity and zero waste.
About the team:
The Engineering Security team is responsible for the overall application and data security of Convoy’s services. We are focused on finding, fixing, and preventing application and infrastructure vulnerabilities as well as continually improving the secure software development life cycle followed by all of Engineering at Convoy.
- Instill and empower a culture of secure development and deployment across Engineering through static and dynamic code review, threat modeling, and penetration testing
- Supply subject matter expertise during system design and implementation on topics like encryption in transit and at rest, least privilege access control, and secure-by-default configuration
- Develop automation, tooling, and tests to validate best practices
- Respond to security incidents and responsible disclosures
- Work side-by-side with every development and operations team inside the company
- 3+ years experience in security or software engineering roles
- Web or mobile application penetration testing
- Broad security domain knowledge in common application vulnerabilities (OWASP Top 10) and their mitigations
- Proficient in any common scripting language
- An understanding and continued interest in common attacker techniques, tools, and behaviors
- The ability to dive deep into new technologies and learn quickly
- Strong written and verbal communication skills to communicate with all levels of the organization
We’re looking for someone who has:
- We're open to engineers from all backgrounds
- Experience in any of the following is a plus
- Front end: React/Redux, React NativeBack end: Node.js, TypeScript, GraphQL, PostgreSQL, and AWS
Employees' wellbeing is top of mind for the Convoy team. Outside of offering excellent medical, dental, and vision benefits, we also offer the following:
* On demand mental and emotional health benefits through Lyra
* On demand primary care through 98.6
* Generous paid time off
* Paid parental leave program
* Fertility benefit solutions via Progyny
* Child-care and adult/elder-care options through Bright Horizons
* Opportunity to join and contribute to one of our Employee Resource Groups
* Ability to make a real world impact!
Convoy is an equal-opportunity employer and we welcome applicants from all backgrounds. If you’re a passionate team player who wants to have an outsized impact on a diverse and dynamic team, we’d love to hear from you!