Uncubed
           

Senior Software Engineer - Product Security

Slack, San Francisco

Slack's cloud-based collaboration tools and services are used worldwide.


Our Product Security team supports the following tenet of Slack’s mission: make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly our customers’ data. We take a systemic approach to security and strive to ensure we provide low friction high-impact security across everything we do. As a member of the Product Security team you care about shipping secure products and ensuring that the way in for the bad guys is never through the front door. You are passionate in developing secure-by-default libraries and building new security services. Your work will directly impact the way millions of people, teams, and businesses get things done using Slack.

Responsibilities:

  • Develop libraries and services to enhance Slack’s strong security posture
  • Performing technical security assessments on our web applications, mobile clients, internal services, and partner applications
  • Contributing feedback to engineers during all phases of the development lifecycle
  • Communicating risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns
  • Serving as a public representative for security at Slack by engaging in internal and external speaking engagements
  • Maintaining your skills and keeping your technical knowledge current and relevant to the technologies used at Slack
  • Seeking out opportunities to automate processes when appropriate
  • Identifying risk in code, applications, processes, and architecture

Requirements:

  • Bachelor’s degree in Computer Science, Engineering or related field, or equivalent training, fellowship, or work experience
  • 2+ years experience in software development in languages such as: Java, Python, PHP, Go
  • Deep understanding of web application architecture and design principles
  • Knowledge of internet security issues in software design and code
  • Experience in writing understandable, testable, secure code with an eye towards maintainability
  • Having a strong computer science fundamentals: data structures, algorithms, programming languages, distributed systems, and information retrieval
  • Several years of professional experience ensuring privacy and security of web applications would be a plus
  • Strong written and verbal communication skills and communicate with empathy when delivering constructive feedback regarding security matters to engineers and product designers
  • Background in software engineering and common development practices in a collaborative and dynamic environment
  • Ability to lead technical architecture discussions and help drive technical decisions
  • Experience with manual secure code review in languages such as: JavaScript, Java, Python, Ruby, PHP, Go
  • Knowledge of authentication mechanisms like SAML, OAuth, etc.
  • Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.
  • Knowledge of how to test code and applications across various platforms (iOS, Mac, Linux, Windows, Android, etc) for security and quality
  • Ability to see patterns, commonalities and investigate complex issues
  • Organizational skills to bring together and record detailed and accurate information about bugs and systemic issues
  • Experience with Amazon AWS services and familiarity with Slack products is a plus

 

 

Slack is an Equal Opportunity Employer and participant in the U.S. Federal E-Verify program. Women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Slack will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance.


 

About Slack

Empathy. Courtesy. Playfulness. Craftsmanship. Solidarity — these are some of the values we live by, as a company. We work by them, too: we’re building a platform and products we believe in — knowing there is real value to be gained from helping people, wherever they are, simplify whatever it is that they do and bring more of themselves to their work.

We’re building a strong, diverse team of curious, creative people who want to find a purpose in their work and support each other in the process. We work hard and we play to win… within normal business hours. And then we go home.

That balance is important: It enables us to truly do the best work of our lives. As a result, we create a place where all kinds of work happens — and happens well — all while working alongside people we respect and admire.

Want to learn more about Slack? Visit Slack's website.