Dropbox is a leading global collaboration platform that's transforming the way people work together, from the smallest business to the largest enterprise. With more than 500 million registered users across more than 180 countries, our mission is to design a more enlightened way of working. From our headquarters in San Francisco to eight dedicated Studios and a worldwide team of employees who choose where they work best, our Virtual First approach is leading the way into the future of work.
Our Engineering team is working to simplify the way people work together. They're building a family of products that handle over a billion files a day for people around the world. With our broad mission and massive scale, there are countless opportunities to make an impact.
As part of the Application Security team, you'll be working to reduce risk across Dropbox. We partner with engineering and product teams during each point of the software development lifecycle (SDLC) and help drive broader security initiatives across Dropbox.
Application Security Engineers provide security impact by developing secure-by-default libraries and frameworks that teams across Dropbox can frictionlessly integrate into their products. They also offer their expertise on security matters through cross-team consultations that cover design and threat modeling, as well as through documentation and educational initiatives.
- Act as a subject matter expert on application security domains involving web, mobile, and desktop platforms
- Conduct security consultations on new and existing products, and be able to communicate complicated issues to non-technical audiences
- Improve upon and further integrate the Secure Development Lifecycle (SDLC) into product design and engineering efforts
- Empower secure-by-default development by shipping libraries and frameworks that address classes of vulnerabilities at scale
- Assist with code reviews to proactively identify potential vulnerabilities, and follow-up with tooling to prevent future vulnerabilities
- 3+ years experience in application security engineering
- Strong communication skills and relationship building skills
- Experience in architecting and building application security on modern tech stacks across multiple platforms (web, mobile, desktop)
- Experience in building and scaling the Secure Development Lifecycle
- Experience with threat modeling and handling vulnerability reports
- Experience partnering with cross-functional engineering and product teams
- Be able to demonstrate software development experience
Dropbox is an equal opportunity employer. We are a welcoming place for everyone, and we do our best to make sure all people feel supported and connected at work. A big part of that effort is our support for members and allies of internal groups like Asians at Dropbox, BlackDropboxers, Latinx, Pridebox (LGBTQ), Vets at Dropbox, Women at Dropbox, ATX Diversity (based in Austin, Texas) and the Dropbox Empowerment Network (based in Dublin, Ireland).