Security Engineer

What you can expect

As an Application Security Engineer, you will work with security testing automation and tools, focusing on Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) implementation. You will develop security programs, guide teams on secure coding, and manage container security. The role combines technical work (vulnerability assessment, security testing, automation) with cross-functional collaboration. You will communicate security recommendations and help modernize security processes through CI/CD integration, while working with advanced tools including AI solutions.

The security team specializes in application security engineering, focusing on automating security testing through SAST and DAST tools. They develop security programs, guide secure coding, and manage container security. Their role blends technical tasks like vulnerability assessments and automation with cross-functional collaboration. A key focus is modernizing security through CI/CD integration and using advanced tools, including AI, to strengthen security practices.

• Developing or employing 3rd party security test automation solutions for Containers, Software Composition Analysis, and SAST/DAST.
• Developing and enforcing security policies, procedures, and standards specific to container development and deployment.
• Triaging and validating security vulnerabilities found or reported by security tools, communicating issues to the application owners, providing meaningful remediation recommendations, and validating their resolution.
• Participating in manual security testing on web applications, web services, native and mobile applications while measuring coverage.
• Identifying potential vulnerabilities (OWASP Top 10, CVEs in the National Vulnerability Database, and other common issues) and methods of improvement in security design or implementation.
• Collaborating with development and operations teams to integrate security into the CI/CD pipeline and automate security processes.
• Developing tools or scripts to automate repetitive tasks to streamline security automation and integration with CI/CD processes.

• 3+ years of experience with a Bachelor's, or 1+ year of experience with a Master's in a related field (Computer Science, Information Security, Computer Engineering, etc.).
• Proven experience working as a Security Engineer or in a similar role with a focus on security testing, container security, and Software Composition Analysis/ SAST/DAST.
• Demonstrated experience with container security tools, image scanning, and vulnerability management; knowledge of security principles, protocols, and standards like CIS benchmarks and OWASP Top 10.
• Experience with one or more security tools such as Kali Linux, Burp, Checkmarx, Netsparker, Coverity, Prisma, etc.
• Strong analytical and problem-solving skills, with the ability to identify and mitigate security risks in complex environments.
• Excellent communication and interpersonal skills, with the ability to collaborate with cross-functional teams and communicate technical concepts to non-technical stakeholders.
• Relevant certifications (e.g., Docker Certified Security Specialist, Certified Kubernetes Security Specialist).
• Experience with Interactive Application Security Testing (IAST) and incident response/security platform concepts (security defense) in real time.

Minimum: $87,600.00

Maximum: $

In addition to base salary and/or OTE, Zoom has a Total Direct Compensation philosophy that takes into consideration base salary, bonus and equity value.

Note:

Starting pay will be based on a number of factors and commensurate with qualifications & experience.

We also have a location-based compensation structure; there may be a different range for candidates in this and other locations.

Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person, is indicated in the job description/posting.

As part of our award-winning workplace culture and commitment to delivering happiness, our…