Cryptography Engineer
Job Description:
Responsible for upgrading the security of Zoom meetings by offering end-to-end encryption and strengthening guarantees around identity and transparency. Maintain security infrastructure and upgrade it as needed in relation to the needs of the business and new innovations in cryptography. Design and implement novel cryptographic mechanisms and features that will benefit Zoom chats (such as enabling end-to-end encrypted group messaging), the internal cloud infrastructure, and other Zoom products. Implement, debug, optimize, productionize, deploy, and refine scalable implementations of novel cryptographic protocols. Work on building the software infrastructure which allows Zoom to deliver the security guarantees described above to its customers. Produce code, the majority of which is in C++ and Golang, using cryptographic libraries such as OpenSSL and Libsodium. Select the right primitives and write security-sensitive code using deep knowledge of security engineering principles and attention to issues such as side channel attacks, memory safety, padding oracle attacks, nonce reuse, rainbow table attacks, brute-force attacks, birthday attacks, man-in-the-middle attacks, replay attacks, etc. Draft, revise, and publish internal and external white papers that detail novel cryptographic constructions. Continue to define and clarify the initial roadmap published to guide the in-house implementation of these systems and obtain external feedback. Collaborate with product managers to understand the business and product requirements and produce detailed proposals that take into account the conflicting needs for security, privacy, scalability, usability, and ease of maintenance. Draft, revise, and publish academic papers to be published in the top security and cryptography journals, such as Usenix Security, CCS, oakland, CRYPTO, and Eurocrypt. Work on representing Zoom's novel cryptographic innovation designs in the form of academic papers which will advance public knowledge and help establish Zoom's reputation as a leader in security practices and engineering. Utilize knowledge of formal specification of protocols and designs, with well-defined security guarantees and sound proofs of security to publish academic papers. Contextualize Zoom's innovations within related academic work. Read, digest, and critique the most advanced academic cryptographic literature to assess which technologies are secure, sound, and practical to implement at scale into Zoom's architecture and design. The individual in this position is permitted to perform the duties of the job opportunity from his/her residence.
Minimum Education & Experience Requirements:
PhD in Computer Science or related field and 2 years of experience. Skills required: 1. experience with secure programming in Go, JavaScript, and C++; 2. experience with cryptography, including encryption, digital signature schemes, message authentication codes, zero knowledge proofs, commitments, hash functions, pseudorandom functions, and verifiable random functions; 3. research experience in cryptography, in particular designing novel cryptographic primitives and protocols to solve practical problems, formalizing such solutions, proving their security, and writing and publishing academic papers in top tier academic venues; 4. experience with designing and implementing authenticated data structures including Merkle Trees; 5. experience writing production level code implementing cryptographic protocols; 6. experience using cryptographic primitives to design and implement security-sensitive features in commercial software; 7. experience with secure multiparty computation; and 8. experience with computer security and secure programming practices, including web security (TLS, DNSSEC, same origin policy, cross site scripting, and SQL injection), memory safety (buffer overflows, memory leaks, and wild pointers), side channel attacks, and two factor authentication. The individual in this position is permitted to perform the duties of the job opportunity from his/her residence.
Company Name: Zoom Video Communications, Inc.
#LI-DNI
Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.
We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
All your information will be kept confidential according to EEO guidelines.
Explore Zoom:
Hear from our leadership team
Browse Awards and Employee Reviews on Comparably
Visit our Blog
Zoom with us!
Find us on social at the links below and on Instagram