Log InSign Up
Premium

See who posted the job

Premium

Competitive Insights

Premium

Check your commute time

Closed

San Mateo, VT

Full-time | Information Technology

About the job


Sr. Software Security Engineer
GoPros versatile cameras and accessories enable people to self-capture immersive and engaging footage of themselves enjoying their favorite activities. From extreme to mainstream, GoPros HERO line of wearable and gear-mountable capture devices are transforming the way consumers, professional athletes, and video production professionals capture, manage and share meaningful photo and video content. Based in San Mateo, California, GoPros products are sold through more than 25,000 stores in over 100 countries worldwide and direct via GoPro.com. GoPro branded content is shared and enjoyed by millions of people on popular media channels such as Instagram, Facebook, Twitter, Vimeo and YouTube.
GOPRO and HERO are trademarks or registered trademarks of GoPro, Inc. in the United States and other countries.
Position
To be an awesome, fun, smart, hardworking, creative, friendly, responsible person in order to effectively help GoPro execute on the companys vision, create great products, and make a great working environment.
GoPro is looking for a Software Security Engineer to join our Information Security team to ensure GoPros applications and services are designed and implemented to maintain and enhance customer trust. If you enjoy analyzing software, applications, web services, operating systems, and networks from a security perspective, and you are skilled at discovering vulnerabilities and security flaws this position will provide you with a challenging opportunity. As part of the enterprise Information Security team you will participate in incident response, security audits, risk assessments, vulnerability testing and security reviews, bug bounty research on GoPro's systems.
Responsibilities
Identify software security design and architectural risks, and develop mitigation plans
Perform security assessments on native, managed, and interpreted software using static and dynamic analysis techniques, white-box, and black-box testing methods
Develop and maintain security analysis tools in Python, C/C++, JavaScript, Go, and/or Rust
Participate in Incident Response and problem remediation
Mentor software engineers on how to abate security vulnerabilities and threats in applications
Design, develop and deliver security training talks and courses for software engineers
Perform web, mobile, and desktop application penetration testing
Provide system administrative support for enterprise infosec services(SentinelOne, Cisco Umbrella, etc)
Participate in company level security compliance efforts
Develop proof-of-concepts, triage security bugs, and notify the appropriate engineering teams
Evangelize security within the company and be an advocate for customer trust and privacy protection
Work with the Security Advocates from the various Engineering teams to promote security within the organization
Work as a technical liaison to security vendors
Other duties as assigned
Requirements
BS in Computer Science or equivalent preferred
Experience implementing security solutions at various company sizes and system complexity
Professional development experience using at least one major programming language such as C, C++, Java, C#, and/or Python
Excellent written and verbal communication skills
At least 3 years of experience in application-level vulnerability testing and auditing
At least 2 years of experience working with development teams that have delivered software-based services, preferably in an agile environment
Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SSH, TLS, routing protocols)
Knowledge of system security vulnerabilities and remediation techniques
Experience with encryption technologies and authentication processes including but not limited to OAuth, SSL/TLS, WPA2, JWE, and BLE encryption
Experience with security testing tools such as Burp Suite, OWASP, Zap or related
Preferred
At least 3 years of system, network and/or application security experience
Experience with service-oriented architecture and web services security
Experience with the application of threat modeling or other risk identification techniques Scripting skills with Bash, Ruby, Python or Perl
Experience in system administration and support
Excellent leadership skills and teamwork skills
Results oriented, high energy, self-motivated
Experience integrating security code analysis tools in the SDLC
Experience with binary reverse-engineering using tools such as IDA Pro, radare2, OllyDbg, and hex editors
Experience working with teams in multiple geographical locations
GoPro Highlights
Fully-stocked kitchen with snacks galore
Get your very own GoPro (Mounts and accessories included)
Discounted employee stock purchase plan (ESPP)
Pre-tax and Roth 401(k) options
Discretionary Time Off
12 weeks paid Parental Leave for new parents
Medical, dental, and vision insurance premiums are 100% paid for employees, 80% paid for dependents
Life insurance and disability benefits
Employee commuter shuttles
LiveHealthy gym reimbursement
Innovative wellness programs and on-site fitness classes
GoPro is an equal opportunity employer.

#LI-SM
View Company Profile
1501 Lincoln Blvd.#1014 Venice, CA. 90291