Staff+ Product Security Engineer

<div class="content-intro"><h3><strong>Who We Are</strong></h3> <p>Verkada is transforming how organizations protect their people and places with an integrated, AI-powered platform. A leader in cloud physical security, Verkada helps organizations strengthen safety and efficiency through one connected software platform that includes solutions for video security, access control, air quality sensors, alarms, intercoms, and visitor management.<br><br>Over 30,000 organizations worldwide, including more than 100 companies in the Fortune 500, trust Verkada as their physical security layer for easier management, intelligent control, and scalable deployments. Founded in 2016, Verkada has expanded rapidly with 15 offices and 2,200+ full-time employees.</p></div><h3><strong>What You'll Do</strong></h3> <div> <ul> <li>Facilitate the security baked into our applications throughout the software development lifecycle</li> <li>Evangelize software security best practices through training and information sharing</li> <li>Partner closely with engineering and product teams to improve the security of Verkada’s products and exceed customers’ expectations</li> <li>Explore innovative solutions to enable Verkada business instead of “Security says No”</li> <li>Collaborate with other engineering leaders to define, communicate, and execute on goals, priorities and process</li> <li>Set up security tooling and secure defaults to ensure software security best practices</li> <li>Perform architecture analysis, threat modeling and technical design reviews of sensitive features and infrastructure</li> <li>Create and operate a bug bounty program</li> <li>Triage and recommend solutions for security bugs from tools, third party assessments and bug bounties</li> <li>Collaborate with the CISO and security team to grow the broader Verkada security program</li> <li>Share your security experience with other teams internally and externally via security conferences and blogs</li> <li>Help your peer engineers grow their own security reasoning and knowledge</li> <li>We are committed to a thriving in-office culture. This role requires you to be onsite at our HQ in San Mateo, CA.</li> </ul> <h3><strong>What You Bring</strong></h3> <ul> <li>Bachelor of Science in Computer Science degree or equivalent</li> <li>Strong experience with AWS, GCP or other cloud service provider</li> <li>7 - 10+ years of experience as a security engineer, software engineer, site reliability engineer, or security consultant</li> <li>Understanding of security weaknesses, exploits, attacks and mitigations</li> <li>Experience and enthusiasm for learning about new security products, features, and strategies;</li> <li>Coding ability. You will sometimes write production Python/Go code, security peer review code, build proofs of concept or implement automation scripts</li> <li>Excellent collaborative skills</li> <li>Outstanding written and verbal communication</li> <li>Experience with most of the following: Security Development Lifecycle, Threat Modeling, Architecture Analysis, Technical Design Review, Security Code Review, Open Policy Agent, SIEM</li> </ul> <h3><strong>US Employee Benefits</strong></h3> <p>Verkada is committed to fostering a workplace environment that prioritizes the holistic health and wellbeing of our employees and their families by offering comprehensive wellness perks, benefits, and resources. Our benefits and perks programs include, but are not limited to:</p> <ul> <li>Healthcare programs that can be tailored to meet the personal health and financial well-being needs - Premiums are 100% covered for the employee under at least one plan and 80% for family premiums under all plans</li> <li>Nationwide medical, vision and dental coverage</li> <li>Health Saving Account (HSA) with annual employer contributions and Flexible Spending Account (FSA) with tax saving options</li> <li>Expanded mental health support</li> <li>Paid parental leave policy fertility benefits</li> <li>Time off to relax an ... (truncated, view full listing at source)