Product Security Engineer

About the team & opportunity

What’s so great about working on Calendly’s Security team?

Calendly is growing rapidly and is scaling its security team to ensure the security of its users. You will have the chance to work with a small team of exceptional security engineers to build Calendly’s security practice from the ground up.

Why do we need you? Well, we are looking for a Security Engineer who will bring significant application and infrastructure security skills, automation experience, and a strategic mindset to security. You will report to the head of Product Security, and will be responsible for ensuring the security of Calendly’s products and infrastructure, shipping security automation, and driving security improvements in Calendly’s roadmap.

A day in the life of a Product Security Engineer at Calendly

On a typical day, you will be working on:

• Assessing and elevating our cloud infrastructure security posture
• Implementing Google Cloud Platform security best practices and experience at scale
• Securing workloads in Google Kubernetes Engine using both native GCP and 3rd party software/tools
• Defining and communicating security requirements for new deployments, as well as standardizing security measures for common infrastructure patterns
• Contributing to the Product Security team’s automated tooling
• Introducing systemic and fundamental security and privacy controls in Calendly’s software and infrastructure
• Actively engaging with infrastructure, product, and engineering stakeholders regarding security strategy and tactics
• Supporting our bug bounty program and conducting security reviews

What do we need from you?

• Experience in cloud infrastructure (especially GCP), software development, and/or security experience at a SaaS or technology company
• Working knowledge for securing common patterns for cloud native applications on Kubernetes
• Experience with a variety of security tools (SAST, DAST, ASPM, SCA, etc) and OWASP top ten vulnerabilities
• Experience guiding product, engineering, or infrastructure stakeholders in delivering secure features
• Experience in at least one modern programming language (Ruby, Python, Go, C#, etc.)
• Experience articulating security principles and practices to technical and non-technical audiences
• Understanding of the Linux operating system, and systems engineering fundamentals
• Authorized to work lawfully in the United States of America as Calendly does not engage in immigration sponsorship at this time

What’s in it for you?

Ready to make a serious impact? Millions of people already rely on Calendly’s products, and we’re still in the midst of our growth curve — it’s a fantastic time to join us. Everything you’ll work on here will accelerate your career to the next level. If you want to learn, grow, and do the best work of your life alongside the best people you’ve ever worked with, then we hope you’ll consider allowing Calendly to be a part of your professional journey.