about 11 hours ago

Logo of Zoom

Staff Security Engineer - Email

$146k - $339k

Zoom

RemoteUS

What you can expect

The Staff Security Engineer (Email) at Zoom is responsible for the security design and review of Zoom products, with a focus on the email service. The ideal candidate should possess a combination of excellent technical knowledge across multiple product security domains and great working knowledge and experience in end-to-end email service security.

They will work closely with engineering teams to design, develop, and validate security solutions. As an advocate and SME in secure mail platform design, implementation, and validation, they’ll serve as a trusted advisor. They will provide architectural guidance and verify security implementations.

This is an exciting opportunity to work with cutting-edge technologies in cloud and security, and to make a meaningful impact on Zoom Mail and related products.

About the Team

The Security Architecture team is dedicated to ensuring Zoom releases and deploys secure products. We work with diverse engineering teams across the organization to meet security goals and maintain compliance with established SLAs.

Responsibilities

  • Guiding engineering team in end-to-end secure email system design and implementation, as the subject-matter expert.

  • Conducting threat modeling, architecture review, security code review, security assessment, and security testing (web application, native application, web services, cloud-based services, and infrastructure assessments).

  • Performing cloud infrastructure reviews from a security perspective. The primary focus will be on AWS and many of its common service components such as S3, IAM, EC2, VPC, etc.

  • Performing in-depth security review of new Zoom features and functionalities in addition to Email services. This includes identifying security vulnerabilities (OWASP Top Ten, common issues in NVD, RCE, etc.) and reviewing code in C++ and/or Java. It also includes verifying security posture through testing (using manual/automated techniques with tools like Burp Suite and Coverity).

  • Identifying gaps in existing cloud security architecture design/configuration, recommend changes or enhancements (authentication, authorization, network segmentation, container configuration, etc.).

  • Providing hands on security training and secure coding best practices to engineering teams.

What we’re looking for

  • Work experience and understanding of email protocols like SMTP, IMAP, SPF, DKIM and DMARC.

  • 3+ years experience securing multi-tenant email platforms, technology and infrastructure including components such as webmail, MTA, identity and access management, and spam filtering.

  • Possess a Bachelors in Computer Science, Information Science, Cybersecurity, Computer or Electrical Engineering (or similar field), and 5+ years experience in security.

  • Have extensive experience in security testing in various environments. This includes assessing the security posture of web applications, native applications, distributed systems, and cloud infrastructure such as AWS.

  • Have a good understanding of software security architecture and design, threat modeling, security code review, cryptography, and SDLC. Also have the ability to clearly articulate best practices and mitigations for application security.

  • Have hands on security experience working with AWS and common service components within AWS. Ability to identify security gaps in the overall design as well as configuration issues in individual components.

  • Have in depth knowledge of network based, system level, and application layer attacks and mitigation methods.

  • Have good knowledge of technology and security topics including network and application security (OWASP), infrastructure hardening, security baselines, web server, and database security.

  • Have good development experience in one or more of the programming languages and platforms such as C++ or Java is required.

Salary Range or On Target Earnings:

Minimum:

$146 700,00

Maximum:

$339 300,00

In addition to the base salary and/or OTE listed Zoom has a Total Direct Compensation philosophy that takes into consideration; base salary, bonus and equity value.

Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience.

We also have a location based compensation structure;  there may be a different range for candidates in this and other locations

At Zoom, we offer a window of at least 5 days for you to apply because we believe in giving you every opportunity. Below is the potential closing date, just in case you want to mark it on your calendar. We look forward to receiving your application!

Anticipated Position Close Date:

06/25/25

Ways of Working
Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting.

Benefits
As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn for more information.

About Us
Zoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars.
We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Find room to grow with opportunities to stretch your skills and advance your career in a collaborative, growth-focused environment.


Our Commitment​

At Zoom, we believe great work happens when people feel supported and empowered. We’re committed to fair hiring practices that ensure every candidate is evaluated based on skills, experience, and potential. If you require an accommodation during the hiring process, let us know—we’re here to support you at every step.


If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed.

## LI-Remote