Distributed - US
Company DescriptionThank you for your interest in Dropbox careers. We are actively hiring for this position and look forward to reviewing your application. Dropbox is continuing to monitor the COVID-19 pandemic as the health and safety of our community, employees and candidates remain our number one priority. We appreciate your flexibility as we adapt our hiring processes during this evolving situation.
Dropbox is the world’s first smart workspace that helps people and teams focus on the work that matters. With more than 600 million registered users across 180 countries, we’re on a mission to design a more enlightened way of working. Dropbox is headquartered in San Francisco, CA, and has 12 offices around the world.
Team DescriptionOur Engineering team is working to simplify the way people work together. They’re building a family of products that handle over a billion files a day for people around the world. With our broad mission and massive scale, there are countless opportunities to make an impact.
Role DescriptionWe are looking for someone who enjoys coding and has a white hat hacker mindset to join us in a Security Engineer Role. This position will be a part of the HelloSign Security team and will work directly with the HelloSign engineering and product teams. As part of this role, you will identify and refactor vulnerable or unsafe code, fix security issues and collaborate with the engineering team to deliver new security related features. You will work with the team to ensure our products are secure by default.
- Collaborate with different stakeholders to help us ship reliable and secure features.
- Help engineer new security features that enhance our customer’s security.
- Perform source code reviews of the web applications and infrastructure deployed by us.
- Design and implement solutions to ensure all security findings are appropriately remediated.
- Automate security controls using scripting to the extent that it requires minimal human interaction.
- Identify and refactor vulnerable or unsafe code.
- Participate in 24x7 on call rotation for security related events.
- Strong past experience in security engineering or application security role
- Prefer BS or MS in Computer Science or Information Security or equivalent experience
- Strong understanding of modern web applications
- Information security related experience with Amazon AWS or equivalent cloud experience
- In depth understanding of Linux/UNIX based systems
- Experience shipping production code in PHP, Python or similar.
- A deep understanding of common web application vulnerabilities
- Ability to show initiative to drive progress and improvement
- Ability to handle multiple tasks, prioritize and meet deadlines
- Ability to maintain confidentiality of sensitive customer data
- Certifications like OSCP, CISSP, RHCE are a plus
Benefits and Perks
- 100% company paid individual medical, dental, & vision insurance coverage
- 401k + company match
- Market competitive total compensation package
- Free Dropbox space for your friends and family
- Wellness Reimbursement
- Generous vacation policy
- 10 company paid holidays
- Volunteer time off
- Company sponsored tech talks (technology and other relevant professional topics)