Oblong Industries is delivering the future of work with Mezzanine™ — a groundbreaking collaborative conference room solution from Oblong that is already changing the way groups of people meet and work, in the same room or across distances. To do that we need a top notch, lifelong learners who are excited to share ideas and solve challenging problems that will help shape the future of collaborative work.

The Mezzanine team is looking for a Security Engineer to keep our core product, Mezzanine and its appliances and cloud services, secure. This is a high-impact role in charge of writing new security related code, auditing existing code and architectures for security flaws, and reviewing new features for security and privacy. You will work with the Mezzanine team to secure the system, but will also collaborate closely with many parts of the organization and occasionally interact with customers. Clear communications skills are crucial for this role. This position is located in Los Angeles, CA or Boston, MA. 

Responsibilities:

• Develop production-quality code while applying security best practices
• Architect and develop security requirements for Mezzanine and our cloud services
• Improve and maintain current Mezzanine security policies and communicate them to other parts of the company
• Keep up-to-date with software vulnerabilities, especially third-party security updates. Provide recommendations and implement fixes for them
• Introduce automated security scans into our CI/CD pipelines

Basic qualifications:

• 2+ years of professional experience delivering production-quality code
• Proficiency in Ruby, Python, or Golang
• Working knowledge of REST APIs and web application frameworks
• Experience finding and mitigating OWASP Top 10
• Good understanding of cryptography (symmetric and asymmetric ciphers) and secure protocols (TLS, SRTP)
• Comfortable programming in a Linux environment
• Excellent written and verbal communications
• Passion for learning new technologies

Nice to have:

• Experience with vulnerability scanning tools like Metasploit, Nessus, Qualys, or equivalent
• Knowledge of containerization technology and container orchestration system (Kubernetes, Docker)
• Experience with WAF, integrating and monitoring IDS, incident response protocols, and other cloud security tools
• DOD 8570 compliant certification such as CISSP, CISM, CISA, or equivalent
• Participation in CTF, Red/Blue team exercises, security bounties

Benefits and perks:

• Competitive compensation package 
• Fully covered medical, dental, and vision insurance
• Unlimited PTO policy
• 401K plan
• Opt in lunch program available 3 days/week
• Located in the Downtown Los Angeles Arts District

All your information will be kept confidential according to EEO guidelines.