Sr. Security Vulnerability Management Engineer

Work Styles at Zoom

In most cases, you will have the opportunity to choose your preferred working location from the following options when you join Zoom: in-person, hybrid or remote. Visit this page for more information about Zoom's Workstyles.

About Us

Zoomies help people stay connected so they can get more done together. We set out to build the best video product for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars.

We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

We are seeking a Senior Security Vulnerability Management Engineer to join our Vulnerability Discovery team. The new member of our team will focus on creating  POCs for known vulnerabilities, provide root-cause analysis for triaged vulnerabilities, and work with engineers throughout Zoom to remediate vulnerabilities.

Responsibilities:

• Provide root cause analysis of triaged vulnerabilities

• Provide actionable security guidance to engineers to enable remediation within SLA

• Create POCs to facilitate fix verification and enable regression testing

• Help drive quality engagement on bug bounty programs

• Assess incoming Bug Bounty submissions

• Work with product security team to review and process external reports

• Provide guidance on effective vulnerability countermeasures

• Contribute to security policy, standards, and guidelines related to Bug Bounty

• Engage with the security researcher community and promote high quality experiences

Minimum Qualifications:

• Hands-on experience discovering, validating and fixing common vulnerabilities

• Ability to communicate ideas and proposals concisely

• Ability to distill complex security problems and drive towards creative solutions

• Ability to engage with teams to review security issues and recommend solutions

• Excellent written and verbal communication skills for conveying security concepts and engineering solutions

• Strong knowledge of web, mobile, and/or desktop application security vulnerabilities and countermeasures, including the OWASP Top 10

• Experience with application programming

Preferred Qualifications:

• Prior bug hunting and/or bug triage experience

• Experience performing threat modeling, design and code reviews to assess security implications and requirements for the introduction of new systems and technologies

• Experience building out integrations with open source scanners and/or vendor products

• History of participating in Bug Bounty programs

• Programming experience with JavaScript, Python, PHP, Ruby, Java, or C/C++

• Bachelor's degree in CS/EE or related area

Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.

We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.

All your information will be kept confidential according to EEO guidelines.

Zoom requires all U.S. employees who will work in person at a Zoom office, attend in-person Zoom meetings or have in-person customer meetings to be fully vaccinated.  Zoom will consider requests for reasonable accommodations for religious or medical reasons as required under applicable law.

Explore Zoom:

• Hear from our leadership team

• Browse Awards and Employee Reviews on Comparably

• Visit our Blog

• Zoom with us!

Find us on social at the links below and on Instagram

We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines. 

We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law. If you need any assistance or accommodations due to a medical condition, or if you need assistance accessing our website or completing the application process, please let us know by emailing us at careers@zoom.us.

Zoom requires all U.S. employees who will work in person at a Zoom office, attend in-person Zoom meetings or have in-person customer meetings to be fully vaccinated.  Zoom will consider requests for reasonable accommodations for religious or medical reasons as required under applicable law.

At Zoom, we care about our employees, their families, and their well-being. As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. To view our benefits, click here.

Explore Zoom:

• Hear from our leadership team

• Browse Awards and Employee Reviews on Comparably

• Visit our Blog

• Zoom with us!

• Find us on social at the links below and on Instagram

• View more jobs, sign up for job alerts and join our talent community. Visit the Zoom careers site.