Staff Security Engineer
Anywhere, US
Dialpad
Communicate with customers on every channel & uncover more insights with Dialpad's AI-powered customer intelligence platform. Try it for free!Work Beautifully
Dialpad is where work comes together—one, beautiful workspace for anywhere communication & collaboration. With the industry’s most innovative business phone system, unlimited text and team messaging, one-click video meetings, and the world’s most advanced AI Contact Center—Dialpad is completely transforming how the world works together.
Our People. Our Culture.
At Dialpad, we believe that when the right people come together, anything is possible. We’ve created an incredible, passionate, and welcoming culture that truly makes Dialpad an amazing place to work. We also place equity, balance, and belonging at the heart of everything we do.
At Dialpad, work isn’t a place you go, it's a thing you do. And we don’t just build products for anywhere workers—we are anywhere workers. With offices in the Bay Area, Austin, Vancouver, Waterloo, Tokyo, London, Sydney, and Bangalore to support our hybrid workers, and remote workers around the world, we are dedicated to building a diverse workforce, where each individual is welcomed and valued for their different perspectives and contributions.
Join The Movement
After founding Google Voice and radically transforming consumer communications, our founders set out to completely transform the way the world works together. With over $2B in valuation and funding from Google Ventures, Andreessen Horowitz, OMERS Growth Equity, ICONIQ Capital, Felicis Ventures, Work-Bench, Scale Ventures, and other top VCs, Dialpad attracts top talent from leading tech companies, and every member of our team plays an essential role in creating dynamic products that enable workers to collaborate and be productive from anywhere.
The team
Dialpad’s Security Engineering Team works within our Engineering department across core functions such as Platform, Product, and AI Engineering. The Security Team works to build Trust for our customers and help ensure a resilient and reliable Dialpad Product. The Trust areas are focused on security, privacy, and compliance. As we scale these functions, the Staff Security Engineer will be an integral part of building people, processes and technology across Engineering Functions to help meet the Trust objectives.
In your first 90 days:
- You will become intimately familiar with Dialpad and its subsidiaries’ infrastructure
- Build an overview of the system development life cycle and the areas of security controls within it.
- Oversee the development of an updated network and infrastructure map for Dialpad’s infrastructure, with security controls identified.
- Perform security reviews by performing threat modeling on 2-3 product features
- Get an understanding of Dialpad’s current vulnerability management program and additional security control environments.
In your first 6 months:
- Own the deployment of security controls within the system development life cycle via static and dynamic product security checks
- Implement a repeatable threat modeling program for all product areas.
- Integrate cloud infrastructure logging into Dialpad’s centralized logging services and build a baseline of security alerts for the integrated logs.
- Build and pilot a strategy for Dialpad’s secrets management framework that automates current processes.
- Determine an updated strategy for infrastructure patch management automation.
By 1 year:
- Become the subject-matter expert for the Security Engineering function
- Implement a holistic security engineering awareness program to Dialpad engineering organization with 300+ staff.
- Define the strategy for security engineering resourcing and program objectives for the next year.
- Implement metrics to track our security posture for product and infrastructure security.
Who you are
A passionate security professional who has 5+ years of experience working in product and infrastructure security programs. You are able to build processes and tools to help shift security controls left in the development pipeline. You have familiarity in implementing threat modeling frameworks such as STRIDE, CVSS, or others, application security vulnerability frameworks such as OWASP, NIST, and an understanding of cloud security frameworks such as CIS, CSA. You have implemented and maintained static and dynamic application security tools, product and infrastructure secret management frameworks, and infrastructure security monitoring. You have mentored security team members to own tools/processes, as well as collaborated with engineering leaders across different areas to implement security controls in their processes.
As a bonus,
- You may have experience working with infrastructure logging and building automated security alerts for cloud infrastructure security controls.
- You have a security certification such as a CISSP, CCSP, CISM, or SSCP.
- You have previous experience working with both public cloud and private cloud environments
- You have previous experience working with SaaS enterprise companies, or communication providers.
Benefits
Culture
We’ve been named a Top Workplace seven times because we truly live and breathe our culture. In alignment with one of our core values, “Skill & Will,” we strive to bring on only the most passionate and talented people to our team. Collectively, Dialers work together to solve problems that help the everyday worker. We foster a collaborative environment where people are elevated, wins are celebrated, and development is encouraged.
Compensation and Equity
Teamwork makes the dream work. Recognizing that our talented and committed team members drive our success, Dialpad offers competitive salaries in addition to stock options because each Dialer participates in our success.
Healthcare and Wellness
An apple a day keeps the doctor away—and it doesn’t hurt that we offer great options for medical, dental, and vision plans for all employees. In addition, we offer resources for you through our Employee Assistance Program. We even offer a monthly stipend to help cover your gym membership costs and offer a variety of wellness events to attend. Who wants to join a fitness class, a zen session, or a cooking class? That and more are available to all Dialpad employees!
Equity, Balance, and Belonging
At Dialpad, we value the humanity that makes each of us unique. We strive to ensure everyone is supported equitably, and Dialers are free to bring their full selves to work each day, and celebrate others doing the same. We champion the intersectionality that exists between gender identity, ethnicity, age, disability status, and the many other aspects of our greater humanity.
Flexible Work Accommodations
These days, it’s business as unusual. That’s why we offer a monthly stipend to help cover your cell phone and home internet. We also cover costs for home office equipment and encourage employees to take advantage of our generous time off and vacation policy.
Education
We believe in your future as much as you do! That's why we offer a yearly stipend for continued learning and education expenses.
Dialpad is an equal opportunity employer. We are dedicated to creating a community of
inclusion and an environment free from discrimination or harassment.
Tags: Application security Automation CCSP CISM CISSP Cloud Compliance CVSS Monitoring NIST OWASP Privacy Product security SaaS SSCP Strategy Vulnerability management
Perks/benefits: Career development Cell phone stipend Competitive pay Equity Fitness / gym Flex hours Flex vacation Gear Health care Home office stipend Salary bonus Team events Unlimited paid time off Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs