What You’ll Do
- Lead cross-functional projects, contributing security-focused feedback and advice to engineers throughout the entire development life cycle, educating product teams and fellow engineers about security best practices
- Work directly with senior leadership to deliver and execute a compelling security strategy that prevents emerging classes of vulnerabilities before they’re a problem
- Participate in security assessments of networks, systems, gems and other packages
- Manage and automate security controls and reporting (vulnerability management, system hardening, logging and monitoring, code reviews across multiple teams)
- Review and recommend technical and cultural improvements to system and network security controls, especially throughout feature development during project planning and in code reviews
- Establish credibility as a trusted advisor to stakeholders including partners, executives, and peers
What You’ll Need to be Successful
- Bachelor’s degree in Computer Science, related field, or equivalent professional training or work experience
- 5+ years of technical security leadership, experience with security products, threat modeling, security design, infrastructure security, and broader security technologies
- Deep understanding of web application architecture and design principles, how web apps work, from the underlying network protocols (e.g. HTTP, TCP) through to the web server (e.g. nginx), browser behavior, and everything in between
- Strong organizational skills to bring together and record detailed and accurate information about bugs and systemic issues
- Strong written and verbal communication skills, ability to empathetically deliver constructive feedback around security matters to fellow engineers and PMs
- Solid understanding of common security flaws and resolution as published by organizations like OWASP, etc.
- Familiarity with common web application testing tools for analysis such as Burp Suite
- Knowledge of authentication mechanisms like SAML, OAuth, etc.
- Familiarity with security assurance, security analysis, vulnerability management, system hardening programs
- Ability to see patterns and commonalities, to investigate complex issues
- Ability to work autonomously as part of a multi-functional team
- Awesome medical/vision/dental package including complimentary membership to One Medical Group
- Smart, engaged co-workers who value their time together and support each other’s growth
- Company retreats, monthly game nights
- Flexible paid time off (PTO) policy
- Commuter benefits
- Dog friendly office
- Learning and development budget
- Paid lunches, fully stocked kitchen
Some things we’re proud of:
- Product-first culture: We’re a product-driven company. Our three founders all come from a product background, and we pride ourselves on relentlessly needfinding to better understand our and future current customers – and provide them with a product that they love. Don’t believe us? Check out our reviews on G2 Crowd.
- Industry leadership: DocSend regularly shares industry-leading data on the state of startup fundraising both through our Pitch Deck Interest Metrics where we monitor the health of startup fundraising during COVID-19, and The Funding Divide where we’re using our data to highlight inequalities in startup funding.
- World-class customers: DocSend powers the most critical documents at some of the largest media and technology brands in the world, some of the most innovative startups that are shaping our future, and many forward-thinking executives from a wide array of industries around the world. We’re honored to support them, and we strive every day to enable them to achieve their mission.
- Intentional growth: Our team growth aligns with our long term, sustainable business model. While we have grown significantly in the last few years (our team is currently at 50+), our growth is calculated to ensure we maintain our positive company culture and provide lasting opportunities to folks on our team (50% of our leadership team has been promoted from within the company).
- Team: We pride ourselves on our fun, welcoming environment where every member of the DocSend team can thrive. Our goal is always to cultivate a high impact, low ego team culture that is smart and curious, and embraces diversity, inclusion, and equity every step of the way. Whether it’s our founders holding weekly office hours or getting the team together for our monthly all hands meetings, we’re always looking to provide ways to engage with another, no matter your role or department.