Security Engineer - Location Flexible

Role Description 

Dropbox’s Product Security team partners with engineering and product teams to ship awesome products securely and agilely.  Product security engineers drive security impact on all Dropbox product initiatives by championing security principles during the software development lifecycle and by building scalable, cleverly engineered 'paved roads' which give strong security assurances by default. In this role, you will own whole domains of high-impact engineering work, working cross-functionally to see them through from concept to completion.

Responsibilities

• Act as a subject matter expert on information security and partner with business units to identify, measure, report and address security and privacy risks
• Work closely with product managers and product engineering teams to prioritize roadmap initiatives and to enable shipping awesome products with cutting-edge security solutions
• Operate and improve Secure Development Lifecycle that measurably monitors and controls security risks across products
• Design and implement automation to enable security operation at scale
• Conduct security consultations on new and existing products and perform code reviews to proactively identify potential vulnerabilities
• Empower secure-by-default development by shipping cleverly engineered, scalable application security mechanisms that address classes of vulnerabilities at scale

Requirements

• 5+ years experience in application security engineering
• Strong communication skills, relationship building skills, and fast learning
• Experience in building and scaling secure development lifecycle
• Significant proficiency in architecting and building application security on modern tech stacks across multiple platforms (web, mobile, desktop)
• Strong software development skills, ideally with Python, Golang, Ruby on Rails.
• Experience with pentesting and threat modeling
• Experience partnering with cross-functional engineering and product team