Senior Security Engineer
Loom (View all Jobs)
1. Google Hangouts resume dive on past experience 2. Take-home project OR architectural phone screen 3. On-site interviews (2 technical architecture related to work, 1 or 2 non-technical)
Programming Languages Mentioned
Loom is the video communication platform for async work that helps companies communicate better at scale. Loom makes it easy to record quick videos of your screen and camera and instantly share them with a link. More than 14M users across more than 200k companies around the world trust Loom to share feedback, updates, intros, training, and more – every day. Founded in late 2015, Loom has raised $203M from world-class investors including Andreessen Horowitz, Sequoia, Kleiner Perkins, Iconic, and Coatue.
You will be responsible for all aspects of security and compliance of Loom's video service infrastructure. We’re a small team, so your contributions will have a meaningful impact on the company’s success.
We're looking for someone with both a broad knowledge of security and deep knowledge of cloud security. You will have had experience across a range of technical disciplines: operating system internals and hardening (e.g. Windows, Linux, OS X, Android); security monitoring, and assessments; authentication and access control; development of security tools and automation. This is a senior role and we're looking for someone who has experience with a variety of real-world security issues.
* We are currently hiring remotely in the United States and Canada
- Build enterprise-grade secure cloud infrastructure and application policies to protect Loom networks, systems, and SaaS offerings.
- Design and develop frameworks, tools, and best practices to protect and mitigate any forms of risk.
- Work with the compliance and governance teams to implement compliance and security requirements.
- Assist with Security vulnerability reviews, threat modeling, system and application design reviews.
- Help manage our pen testing and bug bounty program.
- Lead and mentor other engineers and evangelize security practices to foster a culture of security companywide.
What We're Looking For
- 3-5 years of industry experience developing and implementing fundamental security features and solutions using security frameworks such as CIS, NIST, ISO, SOC2, etc.
- Excellent understanding of information security, cryptography, secure networking, logging/detection, cloud security architecture (GCP/AWS), IAM/PAM, security policies, and code signing concepts.
- Experience designing and deploying public key infrastructure, authorization systems, and/or key management systems.
- Experience in web app security, vulnerability research, and penetration testing
- Knowledge of network-based and system-level attacks and mitigation methods
- 3+ years of programming with Python or Go
How We Work
Freedom and Flexibility: At Loom, we believe work is an act, not a place. When we disengage work from a location, we can accommodate a broad range of life choices. You can choose to work from home or while you travel. If you are in the Bay Area, you can drop by our San Francisco office on 2nd and Market St. We are able to hire across the United States and Canada and are continuing to expand our international presence. And you are free to move within a country without any adjustment to compensation.
Engaging Workday: The key to an engaging workday is finding the right balance between different ways to work sync, async, text and video. Loom makes it easier for us to say what we mean without having to schedule a zoom meeting or struggle to find the right words. And using async communication allows us to free up time for deep work every day. We believe there's a place for sync time - often a conversation on Zoom is exactly what is needed. For team meetings, this ‘sync time’ is typically between 9AM-Noon PT given where the overlap of timezones where Loommates are located.
Work-Rest Balance: The way we balance the fast-paced demands of a high-growth startup and sustainability is making rest a priority. We offer a flexible PTO policy so you're able to take time off when you need it. We also go fully offline once a year between Christmas and New Year (and twice during the Pandemic). Rest is also part of the workday, not just during PTO. Taking a break for personal commitments, whether it's watching the kids or getting some exercise is a natural part of the workday.
Social Connection: Relationships and connectedness matter. We are intentional about building trust and relationships through unique, shared experiences. Our virtual workspace keeps us connected day-to-day whether it's through Looms celebrating wins or our buzzing Slack communities. Loommates are able to meet in person with their teams at least twice a year purely for fun. We have also built local offices for those who want to work or meet in person, starting with San Francisco and New York City.
Perks at Loom
- Competitive compensation and equity package
- 99% company paid medical, dental, and vision coverage for employees and dependents (for US employees)
- Flexible Spending Account (FSA) and Dependent Care Flexible Spending Account (DCFSA)
- Healthcare reimbursement (for International employees)
- Life, AD&D, Short and Long Term Disability Insurance
- 401(k) with 4% company matching
- Professional development reimbursement
- Wellness stipends
- Unlimited PTO
- Paid parental leave
- Remote work opportunities
- Home office & technology reimbursement
Loom = Equal Opportunity Employer
We are actively seeking to create a diverse work environment because teams are stronger with different perspectives and experiences.
We value a diverse workplace and encourage women, people of color, LGBTQIA individuals, people with disabilities, members of ethnic minorities, foreign-born residents, older members of society, and others from minority groups and diverse backgrounds to apply. We do not discriminate on the basis of race, gender, religion, color, national origin, sexual orientation, age, marital status, veteran status, or disability status. All employees and contractors of Loom are responsible for maintaining a work culture free from discrimination and harassment by treating others with kindness and respect.
Please mention No Whiteboard if you apply!
I'm a one-man team looking to improve tech interviews, and could use any support! 😄
Get weekly alerts of new jobs from companies not using whiteboard interviews!