Sr. Staff Software Engineer, Product Security
Our Product Security team supports the following tenet of Slack’s mission: to make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly our customers’ data. We take a systematic approach to security and strive to ensure we provide low friction high-impact security across everything we do.
You care about shipping secure products and ensuring that the way in for the bad guys is never through the front door. You are passionate about understanding the threat landscape in which web services and client applications must excel in order to protect user data.
In this role, you will provide strategic technical leadership to Slack’s product development. You will collaborate with Security, Product Management, Customer Success, Platform, Business Development, and Engineering teams at Slack. Your work will directly impact the way millions of people, teams, and businesses get things done using Slack.
What you will be doing
- Use data to identify emerging areas of risk to Slack products and infrastructure.
- Help build a multi-year strategy for improving the security of Slack’s web service and client applications.
- Partner with Product Security leads and other product engineering technical leaders to identify intrinsic product weaknesses, build component-specific security roadmaps to address them, and assist with the execution of those roadmaps.
- Mentor Product Security engineers to be more effective, impactful, and reach their goals.
- Recommend partnerships that could accelerate the evolution of Slack’s security posture; participate in the vetting of those relationships.
- Articulate Slack Product Security strategy, vision, and initiatives in external and internal venues.
What you should have
- Bachelor’s degree in Computer Science, Engineering or a related field, or equivalent training, fellowship, or work experience.
- 5+ years experience in software development.
- Deep understanding of web application architecture and design principles.
- Knowledge of internet security issues in software design and code.
- Experience in writing understandable, testable, secure code with an eye towards maintainability.
- Background in software engineering and common development practices in a collaborative and dynamic environment.
- Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.
- Experience with Amazon AWS services and familiarity with Slack products is a plus.
- Several years of professional experience ensuring privacy and security of web applications is a plus.
Slack is registered as an employer in many, but not all, states. If you are not located in or able to work from a state where Slack is registered, you will not be eligible for employment.
Slack is an Equal Opportunity Employer and participant in the U.S. Federal E-Verify program. Women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Slack will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance.
Slack is a layer of the business technology stack that brings together people, data, and applications – a single place where people can effectively work together, find important information, and access hundreds of thousands of critical applications and services to do their best work. From global Fortune 100 companies to corner markets, businesses and teams of all kinds use Slack to bring the right people together with all the right information. Slack is headquartered in San Francisco, CA and has offices around the world. For more information on how Slack makes teams better connected, visit slack.com.
Ensuring a diverse and inclusive workplace where we learn from each other is core to Slack’s values. We welcome people of different backgrounds, experiences, abilities and perspectives. We are an equal opportunity employer and a pleasant and supportive place to work.
Come do the best work of your life here at Slack.