Remote job description
Loom is the video communication platform for async work that helps companies communicate better at scale. Loom makes it easy to record quick videos of your screen and camera and instantly share them with a link. More than 14M users across more than 200k companies around the world trust Loom to share feedback, updates, intros, training, and more ?" every day. Founded in late 2015, Loom has raised $203M from world-class investors including Andreessen Horowitz, Sequoia, Kleiner Perkins, Iconic, and Coatue.
As a member of the security team at Loom, you will be responsible for leading and implementing the various initiatives that relate to improving Loom's security. We will achieve that by working and collaborating with cross-functional teams to provide guidance on security best practices and help with security automation to scale security for engineering initiatives. The Security Team is focused on enabling our engineering teams to build and ship secure products. This is done by designing, building, and deploying state of the art security alongside our product and infrastructure teams.
We're looking for experienced Engineers to join our fast moving Security Team. As part of the security team you will get to work on some interesting problems around SAST, DAST, SCA and building automations to assists Kubernetes and AWS security.
- Perform application design and code reviews with product teams.
- Build, deploy and maintain security tooling.
- Improve existing threat hunting and security detection across our platform.
- Drive our bug bounty program with HackerOne.
- Be an incident commander for security incidents to triage, remediate P0 security issues. Identify proactive defense strategies.
- Work with stakeholders across the organization, provide security training and outreach to our internal development teams to achieve a consistently high security bar
- Experience with GDPR, CCPA and SOC2 compliance
- Experience with SIEM platforms and the ability to extend their functionality
What We're Looking For
- 3+ years of relevant security experience in security consulting or in product/infrastructure security demonstrating strong application security fundamentals.
- Solid understanding of application security concepts and best practices.
- Ability to work well cross-functionally, and communicate with audiences who may not have a security background.
- Willingness to learn new technologies or languages.
- Experience with security reviews and threat modeling.
- Ability to work with a high degree of autonomy.
Perks at Loom
- Competitive compensation and equity package
- Comprehensive medical, dental, and vision coverage for employees and dependents (for US employees)
- 14 paid company holidays plus Summer Break in July and Winter Break in December
- Flexible Spending Account (FSA) and Dependent Care Flexible Spending Account (DCFSA)
- Healthcare reimbursement (for International employees)
- Life, AD&D, Short and Long Term Disability Insurance
- 401(k) with 4% company matching
- Wellness stipends
- Unlimited PTO
- Paid parental leave
- Remote work opportunities
- Professional development reimbursement
- Home office & technology reimbursement
How We WorkFreedom and Flexibility: At Loom, we believe work is an act, not a place. When we disengage work from a location, we can accommodate a broad range of life choices. You can choose to work from home or while you travel. We are able to hire across the United States and are continuing to expand our international presence. And you are free to move within a country without any adjustment to compensation.
Engaging Workday: The key to an engaging workday is finding the right balance between different ways to work sync, async, text and video. Loom makes it easier for us to say what we mean without having to schedule a zoom meeting or struggle to find the right words. And using async communication allows us to free up time for deep work every day. We believe there's a place for sync time - often a conversation on Zoom is exactly what is needed. For team meetings, this 'sync time' is typically between 9AM-Noon PT given where the overlap of timezones where Loommates are located.
Work-Rest Balance: The way we balance the fast-paced demands of a high-growth startup and sustainability is making rest a priority. We offer a flexible PTO policy so you're able to take time off when you need it. We also go fully offline for Summer Break around 4th of July and between Christmas and New Years. Rest is also part of the workday, not just during PTO. Taking a break for personal commitments, whether it's watching the kids or getting some exercise is a natural part of the workday.
Social Connection: Relationships and connectedness matter. We are intentional about building trust and relationships through unique, shared experiences. Our virtual workspace keeps us connected day-to-day whether it's through Looms celebrating wins or our buzzing Slack communities. Loommates are able to meet in person with their teams at least twice a year purely for fun. We have also built local offices for those who want to work or meet in person, starting with San Francisco and New York City.
Loom = Equal Opportunity EmployerWe are actively seeking to create a diverse work environment because teams are stronger with different perspectives and experiences.
We value a diverse workplace and encourage women, people of color, LGBTQIA individuals, people with disabilities, members of ethnic minorities, foreign-born residents, older members of society, and others from minority groups and diverse backgrounds to apply. We do not discriminate on the basis of race, gender, religion, color, national origin, sexual orientation, age, marital status, veteran status, or disability status. All employees and contractors of Loom are responsible for maintaining a work culture free from discrimination and harassment by treating others with kindness and respect.
To learn more about how Loom collects and uses your personal information during the application process, please see the Loom Candidate Privacy Notice.
Company name: Loom
Remote job title: Security Engineer
Job tags: application security, infrastructure, Threat Modeling
location or timezone
categoryDevOps and SysAdmin
posted99 days ago