DocSend is shaping the future of how businesses put documents to work. Leaving email attachments as a thing of the past, we enable businesses to send documents or folders with a single link, track who’s interacting with those documents, and get key contracts and NDAs signed, all in one intuitive platform. From founders raising their next round of funding to innovative sales teams closing deals, our 17,000+ customers rely on us to power their most important documents every day – and get unparalleled security and control.
DocSend is looking for an experienced product security engineer to strategically push forward the state of our product security. As our dedicated security engineer, you will have an incredible impact on DocSend’s security posture, engineering culture, and product delivery. This is an excellent opportunity for someone who wants to have tremendous ownership and to develop cross-functional skills.
DocSend engineering believes in quality, collaboration, and fun. We’ve got everything from diverse leadership to team outings. We always want to better ourselves, and as engineers, we do that by focusing on creating better solutions, better code, and a better skill set. Together, we collaborate, support, and inspire each other to grow and take ownership across the product.

What You’ll Do

  • Lead cross-functional projects, contributing security-focused feedback and advice to engineers throughout the entire development life cycle, educating product teams and fellow engineers about security best practices
  • Work directly with senior leadership to deliver and execute a compelling security strategy that prevents emerging classes of vulnerabilities before they’re a problem
  • Participate in security assessments of networks, systems, gems and other packages
  • Manage and automate security controls and reporting (vulnerability management, system hardening, logging and monitoring, code reviews across multiple teams)
  • Review and recommend technical and cultural improvements to system and network security controls, especially throughout feature development during project planning and in code reviews
  • Establish credibility as a trusted advisor to stakeholders including partners, executives, and peers

What You’ll Need to be Successful

  • Bachelor’s degree in Computer Science, related field, or equivalent professional training or work experience
  • 5+ years of technical security leadership, experience with security products, threat modeling, security design, infrastructure security, and broader security technologies
  • Deep understanding of web application architecture and design principles, how web apps work, from the underlying network protocols (e.g. HTTP, TCP) through to the web server (e.g. nginx), browser behavior, and everything in between
  • Strong organizational skills to bring together and record detailed and accurate information about bugs and systemic issues
  • Strong written and verbal communication skills, ability to empathetically deliver constructive feedback around security matters to fellow engineers and PMs
  • Solid understanding of common security flaws and resolution as published by organizations like OWASP, etc.
  • Experience with secure code review in languages, frameworks, and other tools such as: Ruby on Rails, JavaScript, React, Node.js
  • Familiarity with common web application testing tools for analysis such as Burp Suite
  • Knowledge of authentication mechanisms like SAML, OAuth, etc.
  • Familiarity with security assurance, security analysis, vulnerability management, system hardening programs
  • Ability to see patterns and commonalities, to investigate complex issues
  • Ability to work autonomously as part of a multi-functional team

The Perks

  • Awesome medical/vision/dental package including complimentary membership to One Medical Group
  • Smart, engaged co-workers who value their time together and support each other’s growth
  • Company retreats, monthly game nights
  • Flexible paid time off (PTO) policy
  • Commuter benefits
  • Dog friendly office
  • Learning and development budget
  • 401(k)
  • Paid lunches, fully stocked kitchen

Some things we’re proud of:

  • Product-first culture: We’re a product-driven company. Our three founders all come from a product background, and we pride ourselves on relentlessly needfinding to better understand our and future current customers – and provide them with a product that they love. Don’t believe us? Check out our reviews on G2 Crowd.
  • Industry leadership: DocSend regularly shares industry-leading data on the state of startup fundraising both through our Pitch Deck Interest Metrics where we monitor the health of startup fundraising during COVID-19, and The Funding Divide where we’re using our data to highlight inequalities in startup funding.
  • World-class customers: DocSend powers the most critical documents at some of the largest media and technology brands in the world, some of the most innovative startups that are shaping our future, and many forward-thinking executives from a wide array of industries around the world. We’re honored to support them, and we strive every day to enable them to achieve their mission.
  • Intentional growth: Our team growth aligns with our long term, sustainable business model. While we have grown significantly in the last few years (our team is currently at 50+), our growth is calculated to ensure we maintain our positive company culture and provide lasting opportunities to folks on our team (50% of our leadership team has been promoted from within the company).
  • Team: We pride ourselves on our fun, welcoming environment where every member of the DocSend team can thrive. Our goal is always to cultivate a high impact, low ego team culture that is smart and curious, and embraces diversity, inclusion, and equity every step of the way. Whether it’s our founders holding weekly office hours or getting the team together for our monthly all hands meetings, we’re always looking to provide ways to engage with another, no matter your role or department.
DocSend is proud to be an equal opportunity employer dedicated to pursuing and hiring a diverse workforce.