Product Security Engineer

About the team & opportunity 

What’s so great about working on Calendly’s Security team? 

Calendly is growing rapidly and is scaling its security team to ensure the security of its users. You will have the chance to work with a small team of exceptional security engineers to build Calendly’s security practice from the ground up. 

Why do we need you? Well, we are looking for a Security Engineer who will bring significant application and infrastructure security skills, automation experience, and a strategic mindset to security. You will report to the head of Product Security, and will be responsible for ensuring the security of Calendly’s products and infrastructure, shipping security automation, and driving security improvements in Calendly’s roadmap.

A day in the life of a Product Security Engineer at Calendly

On a typical day, you will be working on: 

• Assessing and elevating our cloud infrastructure security posture
• Implementing Google Cloud Platform security best practices and experience at scale
• Securing workloads in Google Kubernetes Engine using both native GCP and 3rd party software/tools
• Defining and communicating security requirements for new deployments, as well as standardizing security measures for common infrastructure patterns
• Contributing to the Product Security team’s automated tooling
• Introducing systemic and fundamental security and privacy controls in Calendly’s software and infrastructure
• Actively engaging with infrastructure, product, and engineering stakeholders regarding security strategy and tactics
• Supporting our bug bounty program and conducting security reviews

What do we need from you?

• Experience in cloud infrastructure (especially GCP), software development, and/or security experience at a SaaS or technology company
• Working knowledge for securing common patterns for cloud native applications on Kubernetes
• Experience with a variety of security tools (SAST, DAST, ASPM, SCA, etc) and OWASP top ten vulnerabilities
• Experience guiding product, engineering, or infrastructure stakeholders in delivering secure features
• Experience in at least one modern programming languages (Ruby, Python, Go, C#, etc.)
• Experience articulating security principles and practices to technical and non-technical audiences
• Understanding of the Linux operating system, and systems engineering fundamentals
• Authorized to work lawfully in the United States of America as Calendly does not engage in immigration sponsorship at this time

What’s in it for you? 

Ready to make a serious impact? Millions of people already rely on Calendly’s products, and we’re still in the midst of our growth curve — it’s a fantastic time to join us. Everything you’ll work on here will accelerate your career to the next level. If you want to learn, grow, and do the best work of your life alongside the best people you’ve ever worked with, then we hope you’ll consider allowing Calendly to be a part of your professional journey.

If you are an individual with a disability and would like to request a reasonable accommodation as part of the application or recruiting process, please contact us at recruiting@calendly.com . 

Calendly is registered as an employer in many, but not all, states. If you are located in Alaska, Alabama, Delaware, Hawaii, Idaho, Montana, North Dakota, South Dakota, Nebraska, Iowa, West Virginia, and Rhode Island, you will not be eligible for employment. Note that all individual roles will specify location eligibility.

All candidates can find our Candidate Privacy Statement here

Candidates residing in California may visit our Notice at Collection for California Candidates here: Notice at Collection

The ranges listed below are the expected annual base salary for this role, subject to change.

Calendly takes a number of factors into consideration when determining an employee’s starting salary, including relevant experience, relevant skills sets, interview performance, location/metropolitan area, and internal pay equity.

Base salary is just one component of Calendly’s total rewards package. All full-time (30 hours/week) employees are also eligible for our Quarterly Corporate Bonus program (or Sales incentive), equity awards, and competitive benefits.

Calendly uses the zip code of an employee’s remote work location, or the onsite building location if hybrid, to determine which metropolitan pay range we use. Current geographic zones are as follows:

• Tier 1: San Francisco, CA, San Jose, CA, New York City, NY
• Tier 2: Chicago, IL, Austin, TX, Denver, CO, Boston, MA, Washington D.C., Philadelphia, PA, Portland, OR, Seattle, WA, Miami, FL, and all other cities in CA.
• Tier 3: All other locations not in Tier 1 or Tier 2

Tier 1 Salary$153,000—$207,000 USDTier 2 Salary$140,300—$189,800 USDTier 3 Salary$127,500—$172,500 USD