This job posting is no longer available

Software Engineer, Security Team at Lob - San Francisco, United States

Job Description

Lob is building a suite of APIs to simplify and automate enterprise workflows. Our most popular product is our print and mail API that enables companies to send physical mail as effortlessly as sending emails. This API helps individuals and enterprise customers programmatically send physical mail at scale. Our second API focuses on address verification. It is officially CASS-certified by the USPS. Our long-term goal is to provide the building blocks for developers to automate the offline world through APIs (lob.com/blog/vision-mission) . We’re looking for great problem-solvers to help us figure out how.

As a member of our security team, you’ll protect the data of hundreds of millions of mail recipients, ensure new products and designs are architected safe by default, build monitoring and detection systems, work collaboratively with developers to educate them about security and squash vulnerabilities, and help us achieve our compliance and regulatory goals.

We take a systemic approach to security, and strive to ensure we provide low friction high-impact wins across everything we do. The role includes significant autonomy towards defining problem spaces and a mandate to build viable tools which are both internally- and externally-facing. A significant part of this job is meant to attract a multidisciplinary engineer. This is a great opportunity for someone who wants to have a large sense of ownership, grow extraordinarily in their career, and develop cross-functional technical & soft skills, not just related to application/infrastructure security but securing all aspects of a fast-moving hypergrowth startup.

Our engineering team values agility, collaboration, and autonomy (lob.com/blog/engineering-agility-collaboration-autonomy) . We’re building a team of not just strong problem-solvers, but great collaborators—engineers who are excited to teach and learn from each other, share decisions and information freely, and work together on new problems that no other companies have solved before. Come join the best people in the business.

As a Senior Security Engineer, you’ll...

• Be a security subject matter expert and respond to any internal and external customer security engineering questions/requests
• Support and advise software engineering teams in the design of secure software. Coach and mentor other engineers
• Develop, implement, and communicate vulnerability mitigation strategies to development teams
• Threat model and pentest our internal and external applications
• Design, evangelize and implement security processes, technical controls, and architecture design patterns to enhance Lob's ability to prevent, detect, and analyze malicious activity
• Participate in defining security-related end user features in the Lob product
• Recommend and deploy tooling to manage security in the deployment pipeline as well as production systems
• Balance security risk with business goals and agility

For this role, we’re looking for...

• Proven interpersonal skills: Ability to explain complex technical issues to both technical and non-technical audiences. Collaborative approach to mentoring software engineers on the development of secure code
• Broad exposure to various security disciplines (at least 2 of application security, infrastructure security, incident response, account security, and risk & compliance), and understanding of the core principles behind security concepts
• Strong knowledge of web architecture, cloud and application architectures, and related security principles
• Systematic problem solving approach, coupled with a strong sense of ownership and drive
• Experience securing AWS based environments a plus, including security of different AWS Services, design of VPC architectures, best practices for IAM configuration and security of data within and across AWS accounts
• Experience with NodeJS and Golang a plus: having opinionated approaches to preventing and detecting vulnerable code patterns at scale
• Experience with Kubernetes and service mesh deployments a plus: CVE scanning, RBAC, mTLS, network security policies, pod security contexts, etc.

About Lob

Lob was built by technical co-founders with a vision to make the world programmable. We offer two flagship APIs (print & mail and address verification) that enable companies to send postal mail as effortlessly as sending emails. Lob is venture-backed by the most reputable investors in tech, and we are rapidly growing our team to shape the future of our company and meet the demands of a quickly growing customer base and dynamic product offerings.

We give our employees a lot of responsibility and ownership of their work. You will have fun at work while engaging in challenging projects with the best and brightest.

Perks

• Health benefits for you and your dependent(s)
• Healthcare and Dependent Care Flexible Spending Accounts
• Unlimited vacation policy
• Commuter & Parking benefits (includes monthly stipend)
• Wellness program (includes monthly stipend or free Barry’s Bootcamp classes!)
• Paid parental leave
• Free lunch, dinner, and snacks
• 401K
• Dog-friendly office
• Ground floor opportunity as an early member of the Lob team; you’ll directly shape the direction of our company

Our Commitment to Diversity

Lob is an equal opportunity employer and values diversity (lob.com/blog/power-diversity-starts-data) of backgrounds and perspectives (lob.com/blog/a-commitment-to-diversity) to cultivate an environment of understanding to have greater impact on our business and customers. We encourage under-represented groups to apply and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Forbes 30 Under 30 - Enterprise Technology 2017 #61 on Y Combinator's Top Companies List 2018 #26 2018 Fastest-Growing Private Companies, The Business Journals