Security Engineer

San Francisco, CA

Applications have closed
Directly logo

Security and privacy are central to every customer we work with at Directly (Samsung, Microsoft, Airbnb). As a result, we have a culture that designs privacy and security into every facet of our business. With that, our Engineering team is looking for a Security Engineer to protect the Directly SaaS platform and services. As the first full-time Security Engineer there is opportunity for broad responsibility within the engineering team. First and foremost you're passionate about writing code -  you’ll build features as part of a cross-functional agile development team.  Additionally, you’ll help other engineers make their code more secure by implementing security best practices in code and security reviews of technical design documents. You will also drive our pen tests (internally & 3rd party), and our public bug bounty program (BugCrowd). We can’t wait for you to join!

What You'll Do:

  • Work hands-on with our Engineering and DevOps teams to ensure that the right processes and infrastructure are in place to develop, deploy, and run code with minimal security vulnerabilities
  • Run our public bug bounty program
  • Triage, prioritize, schedule, and even commit (at the code-level) necessary security fixes
  • Run security reviews and signoff for new/existing code and architecture changes including Tech Spec, PR Review, and Architecture review
  • Assist the Director of Information Security in collecting evidence for compliance and customer security requests
  • Manage access control for engineering and the wider Directly team

What We're Looking For:

  • 3-5+ yrs security + related technical experience in cloud software (preferably enterprise, AWS hosted)
  • 3+ yrs software engineering experience
  • 2+ yrs supporting AWS environments
  • Familiarity with JWT, CORS, CSRF, Spring Security, OAuth, SSO, SSL, OpenVPN
  • Comfortable with scaled agile workflow

Bonus Points:

  • Familiarity with software stacks: Grails/Python (Django)/Node
  • Familiarity w/ Docker and/or Kubernetes
  • Familiarity w/ MySQL, RabbitMQ, Redis, Memcached
  • Familiarity w/ Terraform and/or Puppet
At Directly, we are focused on building a dynamic and inclusive community where everyone can do the best work of their lives. Directly is an equal opportunity employer and committed to creating an inclusive environment. We hire, develop, and retain the most talented individuals by celebrating our diverse cultures, perspectives, skills, and experiences.

Directly provides resilience to companies by delivering more automated and elastic customer support operations. Our platform integrates into the contact center to understand customer issues, automate common solutions, and engage community experts. This enables customer support leaders to resolve customer issues with the right mix of automation and human support.
Companies like Airbnb, Microsoft, and Samsung use the Directly platform to improve the customer experience, boosting CSAT by 20%, while saving millions per year. 
We are based in San Francisco and backed by Microsoft’s M12 Ventures, Samsung NEXT, True Ventures, Costanoa Ventures, Industry Ventures, Triangle Peak Partners, and Northgate Capital.
Directly has an amazingly talented team focused on collaboration and melding together creativity, technology, and data-driven insights. Come join us and contribute to our culture of curiosity, authenticity, and innovation!
Job region(s): North America
Job stats:  27  2  0

Explore more Information Security career opportunities