Senior Product Security Engineer

COMPANY AT A GLANCE

Founded in 2013, Sendbird is the leading user engagement platform trusted by modern digital apps like Reddit, Delivery Hero, Dream 11, Carousell, Teladoc, DoorDash, and Hinge. We allow any app (or Website) to quickly and easily embed rich real-time chat, voice, and video experiences into their app to build connections with users and between users. This could be connecting drivers and consumers in a timely fashion to reduce cancellations for a delivery app, helping buyers get their questions answered from sellers to increase transactions in a digital marketplace, or increasing engagement between users in an online community. The platform has over 250M MAUs from over 50 countries operating in industries ranging from marketplaces, ride-sharing, and online communities to gaming, live video streaming, and healthcare.

The company is headquartered in San Mateo, CA with additional offices in; New York, Seoul, London, Singapore, and Bengaluru and has raised over $220M from leading investors, including: ICONIQ Capital, STEADFAST Capital Ventures, Tiger Global Management, Shasta Ventures, Softbank Vision Fund 2, and Y Combinator.

To learn more, visit the company website: www.sendbird.com   WHAT YOU WILL DO

• 엔지니어링 팀과 협업하여 안전한 기능들을 배포
• 기존 및 신규 제품에 대한 위협 모델링
• CI-CD 시스템에 보안 툴 탑재
• 잠재적인 보안 취약점을 식별하고 솔루션을 도출
• 센드버드 버그바운티 프로그램의 제보 건들을 분류하여 적시적으로 해결
• 센드버드 제품에 대한 새로운 공격을 식별하고 연구

EXPERIENCE AND SKILLS

• 웹 어플리케이션 보안에 대한 이해도가 높으신 분
• 위협 모델링에 대한 경험이 있으신 분
• 파이썬 자동화 관련 경험이 있으신 분
• AWS 관련 경험이 있으신 분
• 보안 관련 의사결정에 대해 토의하실 수 있는 분
• 프로젝트의 전체 과정을 주도하고 다른 보안 담당자들을 멘토링한 경험이 있으신 분
• 특정 코드에 대한 전문성이 더 뛰어난 개발자들에게 생각을 명확하고 효과적으로 전달하실 수 있는 분

BONUS POINTS

• Docker 및 Kubernetes 관련 지식이 있으신 분
• 컨퍼런스에서 발표를 하거나 오픈소스 프로젝트 경험이 있으신 분
• 보안 툴을 개발해본 경험이 있으신 분
• 버그바운티 프로그램에 참여한 경험이 있으신 분

 

WHAT YOU WILL DO

• Work with Engineering teams to help ship secure features
• Perform Threat Models on new and existing products
• Embed security tools into the CI-CD system
• Identity security gaps and come up with solutions
• Triaging submissions from our bug bounty program and ensuring they are fixed in a timely manner.
• Research and identify new attacks against SendBird’s products.

EXPERIENCE AND SKILLS

• Solid understanding of web application security
• Experience performing threat models.
• Experience with automation in python
• Experience with AWS
• An ability to reason about security decisions
• Experience leading projects from start to finish and mentoring other security practitioners
• An ability to communicate ideas clearly and effectively to engineers who know way more than you about their code

BONUS POINTS

• Docker & Kubernetes knowledge.
• Presenting at conferences or working on open source projects.
• Experience with developing security tools.
• Experience working with Bug Bounty Programs.

Vaccination Policy

We take our obligation to safeguard the health of our employees and their families; our customers and visitors; and the community at large from COVID-19 very seriously.  Effective January 1, 2022 we will offer access to our office spaces, any in-person meetings (customer or internal), Sendbird events, and any travel on behalf of Sendbird to our vaccinated and boostered employees only.  Accommodations will be granted unless they: 

• cause the Company any undue hardship, 
• pose a direct threat to the health and safety of others, 
• prevent an employee from performing the essential functions of their job.

Finally, there is no such thing as a perfect candidate. Sendbird is a place where everyone can learn and grow. We encourage you to apply if this role excites you.

At Sendbird, one of our core values is Global Citizenship.  We respect, promote, and encourage diversity for equal employment opportunities.  We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal state, or local law.