Security Application Engineer (Application Security Team)

Say hello to opportunities.

 It’s not every day that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role. First, a little about us, we’re a $2 Billion annual revenue company with double digit Annual Recurring Revenue (ARR) and a $93 Billion market opportunity in UCaaS, Contact Center and AI-powered adjacencies. We invest more than $250 million annually to ensure our AI-enabled technology and platforms meet or exceed the needs of our customers. 

RingSense AI is our proprietary AI solution. It’s designed to fit the business needs of our customers, orchestrated to be accurate and precise, and built on the same open platform principles we apply to our core software solutions.

The RingCentral Application Security team is a part of a larger CISO team. The area of responsibility of the application security team includes enablement and support for RingCentral’s Security Development Lifecycle (SDL) program. This includes development of infosec governance artifacts i.e., policies, standards and procedures for secure software development at RingCentral, leading security architecture reviews and threat modelings, developing security requirements, SAST/DAST/SCA testing and integration of these tools into the build and deploy process, penetration testing, managing bug bounty program.

We are looking for a Security Application Engineer with a strong understanding of web-application vulnerabilities, how they can be detected, exploited and remediated.

This role requires on-site presence at our office 4 days a week to support effective collaboration and teamwork.

Responsibilities:

• Collaborate with Product Management, Engineering and Analytics teams to ensure RingCentral products, applications and tools support both security architecture and secure development standards

• Drive adoption of security and privacy aware SDLC discipline across all organizations

• Identify gaps in existing security architecture and collaborate with engineering to design, review and approve changes or enhancements

• Enforce security guardrails for all RingCentral products and applications

• Lead security risk assessments for proposed cloud and endpoint designs, architectures and solutions

• Provide vulnerability remediation design and solutions

• Provide clear, risk-based assessments of product security maturity including areas for improvement and if needed, identify stop-ship situations

• Collaborate with Cloud platform and product architecture teams to embed security standards

• Support integrations of automated security testing tools (SAST/DAST/SCA) into the build and deploy process

• Provide support to engineering teams working with automated security testing tools

• Lead annual and ad-hoc security assessments, which includes:

  • Security design review and threat modeling

  • Targeted security code review

  • Penetration testing

• Coordinating efforts of external penetration testing consultants

• Triage reports from the bug bounty platform, address them to responsible engineering teams

Qualifications:

• Technical experience in product architecture, design, implementation

• Expertise with product security design, review, implementation including threat modeling and risk assessment implications

• Extensive experience with application testing- SAST/DAST, penetration testing

• Secure design and implementation capabilities

• Experience with open-source software including lifecycle management, vulnerability management tools

• Excellent communication skills, both verbal and written; ability to condense complicated scenarios into simple, risk-based assessments, appropriately targeted for colleagues and upper management

• Outstanding organizational and time management skills, desire to work within a highly collaborative team

Nice-To-Have:

• WebRTC, Video and audio streaming

• Video codecs

• B.S. or equivalent in CS or EE

What we offer: 

• Well-coordinated professional team.

• Cutting edge technologies, interesting and challenging tasks, dynamic project, great opportunities for self-realization, professional and career growth.

• Additional Health and Life Insurance Package.

• Employee Assistance Program.

• 25 vacation days.

• 200 BGN Digital Food Vouchers.

• 120 BGN Gross as part of the salary for Working Expenses Allowance.

RingCentral’s Engineering Team works on high-complexity projects that set the standard for performance and reliability at massive scale. What kind of scale? Millions of users today and hundreds of millions tomorrow. This is  your chance to help imagine, develop and deliver products that raise the technological bar, and power human connections. If you’re a talented, ambitious, creative thinker, RingCentral is the perfect environment to join a world class team and bring your ideas to life. 

RingCentral’s work culture is the backbone of our success. And don’t just take our word for it: we are recognized as a Best Place to Work by Glassdoor, the Top Work Culture by Comparably and hold local BPTW awards in every major location. Bottom line: We are committed to hiring and retaining great people because we know you power our success. RingCentral offers on-site, remote and hybrid work options optimized for the ways we work and live now.

About RingCentral

RingCentral, Inc. (NYSE: RNG) is a leading provider of business cloud communications and contact center solutions based on its powerful Message Video Phone™  (MVP™) global platform. More flexible and cost effective than legacy on-premises PBX and video conferencing systems that it replaces, RingCentral® empowers modern mobile and distributed workforces to communicate, collaborate, and connect via any mode, any device, and any location. RingCentral is headquartered in Belmont, California, and has offices around the world.

RingCentral is an equal opportunity employer that truly values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.