Senior Security Engineer
What is Calendly?
Calendly takes the work out of scheduling so our customers have more time to work on what's really important. Our software is used by millions of people worldwide-with hundreds more signing up every day. To maintain this exciting growth, we're looking for top talent to join our team and help shape the future of our product.
Why join Calendly's Operations team?
As a Senior Security Engineer at Calendly, you have the chance to join our fast growing team of the brightest engineers in the world. This specialized role will embed with our site reliability squad to focus on secure design, implementation, and monitoring of the Calendly SaaS application. Armed with a strong understanding of cloud and application security, you will empower teams that understand system integrity and data protection is the key retaining our users' trust. You should be comfortable aligning with business, development, and operations stakeholders to implement and validate features across a suite of applications. This position is highly technical and offers the opportunity to continue building out the ultimate ecosystem of security testing automation and monitoring in a continuous deployment environment. You will need to be equally comfortable collaborating in our codebase or tuning our WAF as well as leading constructive dialogue about how we can improve our security practices as we grow.
What are some of the high impact opportunities you'll tackle?
- Design, build, and operate the core security infrastructure used by all of Calendly's engineering teams
- Establish and validate security controls during the SDLC
- Facilitate and perform static and dynamic code analysis - 1st party and 3rd party
- Implement new detection mechanisms, refine WAF settings, and incorporate automation
- Participate in disaster recovery and business continuity planning and exercises
- Threat modeling and risk analysis for implementation plans
- Incident review, mitigation, and resolution
- Identify and implement additional controls to enforce policies
- Participate in audits, policy revision, and procedure definitions
- Educate teams on standards, controls, and best practices in software security
- Make impactful decisions about systems and security - their edge cases, failure modes, and life cycles
This opportunity is for you if you have/are:
- 7+ years proven software security experience with a SaaS company
- Working knowledge of network protocols, IP communication security and applied cryptography
- Certified software applications via formal compliance review (SOC, PCI, ISO27001, etc)
- Experience incorporating a variety of automation tools in a continuous delivery framework
- Experience developing secure infrastructure and cloud services. Specifically, GCP is a big plus.
- Success in a challenging, fast-paced and collaborative environment
- Ability to communicate with business and technical stakeholders alike
- Teaching mentality in the pursuit of company-wide security awareness and adherence
- Experience working with build systems (Buildkite, Jenkins, TravisCI, etc...)
- Authorized to work lawfully in the United States of America. Calendly does not engage in immigration sponsorship at this time.
Calendly is registered as an employer in many, but not all, states. If you are not located in or able to work from a state where Calendly is registered, you will not be eligible for employment.
Back to top