Uncubed
           

Senior Security Engineer

OneLogin, San Francisco HQ

Secure Access for Every User, Every App, Every Device


OneLogin brings speed and integrity to the modern enterprise with an award-winning single sign-on (SSO) and cloud identity management platform.  Our portfolio of solutions secures connections across all users, all devices, and every application, helping companies drive new levels of security, and efficiency across all applications. With a powerful business platform and an award winning company culture,  OneLogin manages and secures millions of identities around the globe. We are headquartered in San Francisco, California. For more information, visit www.onelogin.com, Blog, Facebook, Twitter, or LinkedIn.

 About OneLogin Engineering

We value technical design skills, programming ability, and teamwork. Being able to design applications from top to bottom, troubleshooting and debugging tough problems, and brainstorming new ideas are important to this role. You will be working primarily with Ruby, Rails, and Javascript, but our general approach is to choose the best language for the job. We utilize PostgreSQL for storage, and we use RabbitMQ and RESTful APIs for communication between our various services. We employ continuous integration for testing and deployment.

 About you

You value open collaboration, have a strong desire to learn, and are excited to pick up new skills and technologies. You like to share your knowledge with others and are willing to ask for help in return. You enjoy solving difficult problems, and make use of metrics, monitoring, and testing to help you understand the inner workings of a system. You’re excited to work closely with people throughout the organization, from close teammates to members of ops, UX designers, and service team members.

About the role

In this role, you will lead efforts to uncover and solve security issues before threat actors do. You will use a Red Team approach to deliver actionable improvements to our product and infrastructure. Just as importantly, you will evangelize secure coding and other security best practices to instill this mentality throughout the Engineering organization. You must have experience not only finding issues, but also designing solutions for them.

Your Experience

  • The ideal candidate has at least 10+ years relevant experience
  • Extensive experience in application security, especially offensive techniques
  • Extensive contributions to bug bounty programs or other responsible disclosure programs
  • Solid experience training or mentoring other engineers in secure coding and other security best practices
  • Experience coding in Ruby, Node.js a plus
  • Published contributions to the security community

 Our core values

  • Integrity - As a security company, integrity is our highest priority. We deliver on our commitments and treat customers, partners and colleagues equally
  • Innovation - Innovation is in our DNA and we always try to look ahead of the curve and think smarter, faster, bigger and better
  • Excellence - We strive for excellence and quality in everything that we do in order to drive customer satisfaction and loyalty
  • Urgency - We live in a real-time world where the marketplace is fiercely competitive and customers expect instant gratification. We operate with extreme urgency to address customer needs and resolve issues promptly
  • Customers for life - First and foremost, we are here to serve our customers. We take a long-term view of customer relationships and focus on building long-term value
  • Great place to work - Create a work environment of transparency, trust and professional challenges that attracts the best possible people

 

 

About OneLogin

OneLogin brings speed and security to the modern enterprise as a leading identity management and single sign-on (SSO) vendor. Businesses of all sizes use OneLogin to secure company data, while increasing IT administrator and end users efficiencies. Implementation of our identity management solutions can be achieved in hours not days, delivering a fully featured administrative and self-service portal. Our ability to handle on-premises and cloud/SaaS applications makes us the identity management vendor of choice for the hybrid enterprise. Two factor authentication, mobile identity management for one-click access on smartphones and tablets, and real-time directory synchronization add an extra layer of protection.

Once logged in, instant access to popular apps such as Office 365, G Suite, AWS and Workday is a workforce’s dream, and with our extensive catalog of over 5,000 pre-integrated applications, you can be assured that your users will quickly gain secure one-click access to all the applications they need. And when employees depart, real-time offboarding instead of batch-processing protects corporate data. No matter where your users are or what device they are using, our identity and access management system is here to make users safe and productive - anytime, anywhere. As a pioneer in developing open standards for identity management, including SAML, OpenID Connect and SCIM, OneLogin's enterprise identity authentication system manages and secures millions of companies around the globe.

Want to learn more about OneLogin? Visit OneLogin's website.