HelloSign Product Security Engineer

San Francisco, CA

Dropbox logo
Apply now Apply later

Posted 1 month ago

Role Description

We are looking for a hands-on individual with a white hat hacker mindset to join us in a Security Engineer Role. This position will be a part of the HelloSign Security team and will work directly with the HelloSign engineering and product teams. As part of this role, you will mainly perform product security consulting, threat modeling, secure code reviews and help manage our bug bounty platform. You will work with the team to ensure our products are designed securely and all known issues are timely triaged and remediated.


  • Perform security consulting for all products and services. 
  • Perform security reviews of the web applications, source code, and infrastructure deployed by us.
  • Perform penetration testing and vulnerability assessments against the company’s products and services as well as lead and coordinate third-party penetration testing efforts.
  • Perform dynamic as well as static application security testing using open source and commercial tools.
  • Perform security assessments on all existing and any new third-party vendors. 
  • Triage all issues reported by external researchers via the bug bounty program at HelloSign.
  • Classify, prioritize, collaborate, and as necessary develop and implement solutions to ensure all security findings are appropriately remediated.
  • Automate security controls using scripting to the extent that it requires minimal human interaction.
  • Participate in 24x7 on call rotation for security related events.


  • Strong past experience in security engineering or application security role
  • Prefer BS or MS in Computer Science or Information Security or equivalent experience
  • Deep understanding of common web application vulnerabilities
  • Strong understanding of modern web applications and frameworks
  • Good understanding of Linux/UNIX based systems
  • Strong communication skills
  • Ability to show initiative to drive progress and improvement
  • Ability to handle multiple tasks, prioritize and meet deadlines
  • Ability to maintain confidentiality of sensitive customer data
  • Certifications like OSCP, CISSP, RHCE are a plus

Benefits and Perks

  • 100% company paid individual medical, dental, & vision insurance coverage
  • 401k + company match
  • Market competitive total compensation package
  • Free Dropbox space for your friends and family
  • Wellness Reimbursement
  • Generous vacation policy
  • 10 company paid holidays
  • Volunteer time off
  • Company sponsored tech talks (technology and other relevant professional topics)

About HelloSign, A Dropbox Company:

We believe that the way business gets done today is broken. That’s why we’re dedicated to simplifying work for everyone - from small startups to large enterprise companies. Millions of individuals and over 80,000 companies world-wide trust the HelloSign platform – which includes eSignature, digital workflow and eFax solutions – to automate and manage their most important business transactions.

With a sharp focus on user experience and a lust for innovation, HelloSign is on a mission to Simplify Work.

Life at HelloSign:

Our HQ office is located in San Francisco Mission Bay near the UCSF Medical Center and we have a number of team members distributed across the US! Just over 150 employees, we are growing the company deliberately, with a keen eye towards maintaining a culture that values lifestyle, fun and continuous improvement. We were awarded the Hirepalooza Culture Award for Lifestyle in 2015 and the Healthy Mothers Workplace Bronze Award in 2016 and 2017. In 2018, we won SF Business Times' Best Places to Work Award for Small Employers. We continue to maintain an overwhelmingly positive presence on Glassdoor and The Muse.

We have raving fans who love what we make

  • We're user-focused and product-driven
  • We're always evolving with an eye towards improvement
  • We're committed to building a product people want
  • We thrive on collaboration and learning from each other
  • We have a supportive, familial atmosphere
  • We work in an open, airy, creative space
  • We laugh a lot
  • And we'll never forget your birthday!
Job tags: CISSP Linux Open Source OSCP Penetration testing Security assessments Unix Vulnerabilities