Staff Offensive Security Engineer (Backend)

REMOTE / PRODUCT SECURITY /FULL-TIME

Zoom is seeking an Offensive Security Engineer to join our Security team. Zoom Offensive Security Engineers have their hands on every stage of the SDLC pipeline, from initial design through to ongoing penetration testing. Our engineers can identify vulnerabilities in design and implementation, prove and explain these vulnerabilities to others, and provide practical recommendations and steps not just to fix the identified issue but also to reduce similar occurrences in the future. We’re looking for well rounded engineers with a breadth of knowledge in application security and in depth skills in one or more particular areas. Think “red that can lean blue."

Responsibilities:

• Perform binary testing and reverse engineering, fuzzing, and API penetration testing on Zoom backend services.

• Communicate discovered issues, how to exploit them, and how to fix them for both technical and nontechnical audiences.

• Work with engineering teams in the design phase of new products and features.

• Work with external researchers through our bug bounty programs to reproduce, score, and further investigate reported issues.

• Work with other groups within Zoom to better serve our customers.

Requirements:

• 5+ years of experience performing pentests and code reviews on C/C++ applications (Java, Python a plus).

• Have a broad range of security knowledge but can go in depth with binaries, reverse engineering, fuzzing, and APIs.

• Have a strong command of your most liked pentesting tools, and know how to use them to your advantage. (IDA Pro, Ghidra, Binary Ninja, Nessus, Nmap, Metasploit, Burp, etc.).

• Server side testing (knowledge of network packet handling/traffic routing).

• Knowledge of Erlang, Lua, xmpp, or SIP phone experience a plus.

• Proficiency in one or more programming languages, and can both read and understand code written by others well enough to break it. 

• Have strong communication skills, both written and verbal: we have a lot of remote and asynchronous communication given our distributed teams and customers.

• Prior development experience as part of a team is a plus.

#LI-Remote

Colorado Salary Range or On Target Earnings:

Minimum:

$145,260.00 USD

Maximum :

$268,740.00 USD

In addition to the base salary and/or OTE listed, Zoom has a Total Direct Compensation philosophy that takes into consideration base salary, bonus and equity value. Information about Zoom’s benefits is here. Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience. We also have a location based compensation structure; there may be a different range for candidates in other locations.

Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.

We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.

All your information will be kept confidential according to EEO guidelines.

Zoom requires all U.S. employees who will work in person at a Zoom office, attend in-person Zoom meetings or have in-person customer meetings to be fully vaccinated. Zoom will consider requests for reasonable accommodations for religious or medical reasons as required under applicable law.

Explore Zoom:

• Hear from our leadership team

• Browse Awards and Employee Reviews on Comparably

• Visit our Blog

• Zoom with us!

• Find us on social at the links below and on Instagram