Product Security Engineer at Auth0
Sorry, this job was removed at 1:33 p.m. (PST) on Wednesday, June 30, 2021
Awesome tech is made by awesome people. And we’re always looking for new team members who bring the energy, passion, commitment, and collaboration that has made Auth0 the great company it is today.
So what do we exactly build? Auth0 is an authentication and authorization platform designed by developers, for developers. Basically, we make companies’ login boxes safe, secure, and seamless for anyone logging in. Our mission is to secure the world’s identities so innovators can innovate. But it’s a big mission that requires a lot of teamwork.
Words, code, or people, whatever your skill, there’s a place for you here.
Auth0 is a security company and Auth0's Security organization is in the privileged position of supporting a security-first culture for a company that wants to make the Internet safer. The Product Security team mission is to ensure that Auth0 products are as secure as our customers trust them to be. We partner closely with our Engineering and Product teams to embed security into every stage of the product life cycle.
We are looking for a Product Security Engineer with a passion for both building and breaking things to solve security problems in partnership with our Engineering teams. You will have a chance to apply your skills and passion to improve the security of our product on a daily basis.
In this role you will:
- Provide security guidance to Engineering and Product teams.
- Build threat models and conduct risk assessments for new features and services.
- Perform design and code reviews (lots of them!).
- Identify, triage, resolve, and manage security vulnerabilities identified in Auth0 products.
- Build libraries and tools to make software built at Auth0 secure by default.
- Make security an integral part of our CI/CD pipeline.
- Perform internal penetration tests and participate in red team exercises.
- Champion security at Auth0.
Our ideal candidate will:
- Have 2-5 years of security experience.
- Have 2-5 years of software development experience.
- Have strong understanding of Web application security, including hands-on exploitation skills.
- Have familiarity with secure development practices and security testing techniques (SAST, DAST, fuzzing, etc.).
- Have ability to explain complex security issues and their impact to diverse audiences.
- Be currently living in the United States or Canada.
Also nice if you have:
- Experience running a bug bounty program.
- #US; #CA;
Auth0 makes the internet safer by safeguarding billions of login transactions each month.
Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles. We practice N+1>N which applies to everything from our people to how we iterate our tech; we believe in one team, one score; and we give a shit about everything we do.
Research shows that candidates from underrepresented backgrounds often don’t apply unless they meet all the job criteria. We aren’t looking for someone who ticks every single box on a page; we’re looking for lifelong learners and people who can make us better with their unique experiences. If you think you’d be a great fit, then please get in touch to tell us about yourself.
Auth0, recently acquired by Okta, is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.
Read Full Job Description