Staff Security Engineer
Calendly (View all Jobs)
1. 45 min chat with engineering director 2. Take-home assignment 3. All day technical & cultural fit interview. Tech assessments include system design, extension of the takehome assignment, and bug fix pairing.
Programming Languages Mentioned
Python, Ruby, C#
About the team & opportunity
What’s so great about working on Calendly’s security team?
Calendly is growing rapidly and is scaling its security team to ensure the security of its users. You will have the chance to work with a small team of exceptional security engineers to build Calendly’s security practice from the ground up.
Why do we need you? Well, we are looking for a Staff Security Engineer who will bring significant application and network security skills, automation experience, and a strategic mindset to security. You will report to the Head of Product Security, and will be responsible for ensuring the security of Calendly’s new features, shipping security automation, and driving security improvements in Calendly’s roadmap.
A day in the life of a Staff Security Engineer at Calendly
On a typical day, you will be working on:
- Protecting and securing next generation artificial intelligence features for Calendly’s millions of users
- Introducing systemic and fundamental security and privacy controls in Calendly’s software
- Hardening Calendly’s network edge against automated attacks, denial of service attempts, and abuse
- Contributing to the Product Security team’s automated tooling
- Actively engaging with product, engineering, and QA stakeholders regarding security strategy and tactics
- Developing strategy for and participating in penetration testing, bug bounties, and security review processes
- Contributing to security, privacy, and compliance initiatives by working with other security-focused teams
- Mentoring other security team members
What do we need from you?
- 10+ years of mixed software development and security experience at a SaaS or technology company
- 5+ years of experience in managing security and privacy risk in software systems which extensively utilize third party vendors
- Experience with a variety of security tools (SAST, DAST, ASPM, SCA, etc) and OWASP top ten detection methods
- Experience guiding product and engineering stakeholders in delivering secure features
- Significant experience in two or more modern programming languages (Ruby, Python, Go, C#, etc.)
- Passion to craft secure, reliable, and highly maintainable code
- Experience articulating security principles and practices to technical and non-technical audiences
- Authorized to work lawfully in the United States of America as Calendly does not engage in immigration sponsorship at this time
What’s in it for you?
Ready to make a serious impact? Millions of people already rely on Calendly’s products, and we’re still in the midst of our growth curve — it’s a fantastic time to join us. Everything you’ll work on here will accelerate your career to the next level. If you want to learn, grow, and do the best work of your life alongside the best people you’ve ever worked with, then we hope you’ll consider allowing Calendly to be a part of your professional journey.
Our Hiring Process:
Applicants for this role can expect to follow the hiring process listed below. Please keep in mind that applicants can be declined from the position at any stage of the process.
- Qualified candidates will be invited to schedule a phone interview with a member of our recruiting team. This is a great time to ask any initial questions you have about the company or the role.
- Next, we’ll put you in direct contact with your potential future manager. You’ll get a chance to learn even more about life at Calendly, the responsibilities attached to your role, and the qualities needed to succeed here.
- Then, you’ll meet with your potential future team members and stakeholders. You may receive a technical take home exercise to help us understand the depth of your experience.
- Finally, we reach out to those you’ve worked with before, to learn more about the impact you can make, the value you bring, and the best way to set you up for success at Calendly.
We aim to provide an inclusive and equitable candidate experience to everyone who expresses interest in working at Calendly. The recruiter assigned to this role will keep you informed every step of the way. Have questions? Let your recruiter know! Want to share your experience? We are passionately committed to improving and building on our process, and we consider feedback a gift.
If you are an individual with a disability and would like to request a reasonable accommodation as part of the application or recruiting process, please contact us at firstname.lastname@example.org .
Calendly is registered as an employer in many, but not all, states. If you are located in Hawaii, Montana, New Mexico, North Dakota, South Dakota, Nebraska, Kansas, Iowa, West Virginia, and Rhode Island, you will not be eligible for employment. Note that all individual roles will specify location eligibility.
All candidates can find our Candidate Privacy Statement here
Candidates residing in California may visit our Notice at Collection for California Candidates here: Notice at Collection
Compensation is based on a variety of factors including but not limited to location, experience, and job-related skills. In addition, Calendly offers a wide range of best in class total rewards. This includes comprehensive employee benefits like healthcare, dental, vision, parental leave, 401(k) match, paid time off, and much more. At Calendly we believe exceptional performance deserves exceptional rewards! During the hiring process, we are committed to sharing details about the compensation range for the position, enabling you to make an informed decision.
Please note that the compensation details listed in role postings reflect the base salary only, and do not include bonus/commission, equity, or benefits.
Please mention No Whiteboard if you apply!
I'm a one-man team looking to improve tech interviews, and could use any support! 😄