All Openings | Information Technology | Software Security Engineer

Software Security Engineer

Remote, United States

Apply now

Security Software Engineer

About GoPro

GoPro makes it easy for people to celebrate and share experiences. We believe life is more meaningful when shared. We build cameras, software, and accessories that help the world share itself in immersive and exciting ways.

GoPro is a global movement whose business is driven by shared experiences. We celebrate diversity. We practice inclusion. We foster belonging. We demand equity. And we share the experiences of individuals and communities who also hold these values as core to who they are. From Bucharest to Munich, Silicon Valley to Shenzhen, we are dedicated to building a company that reflects and honors the diverse global communities where we live, work, and play.

GoPro is looking for a Software Security Engineer to join our Information Security team to ensure GoPro’s applications and services are designed and implemented to maintain and enhance customer trust. If you enjoy analyzing software, applications, web services, operating systems, and networks from a security perspective, and you are skilled at discovering vulnerabilities and security flaws this position will provide you with a challenging opportunity. As part of the enterprise Information Security team you will participate in incident response, security audits, risk assessments, vulnerability testing and security reviews, bug bounty research on GoPro's systems.

What You Will Do

  • Identify software security design and architectural risks, and develop mitigation plans
  • Perform security assessments on native, managed, and interpreted software using static and dynamic analysis techniques, white-box, and black-box testing methods
  • Develop and maintain security analysis tools in Python, C/C++, JavaScript, Go, and/or Rust
  • Participate in Incident Response and problem remediation
  • Mentor software engineers on how to abate security vulnerabilities and threats in applications
  • Design, develop and deliver security training talks and courses for software engineers
  • Perform web, mobile, and desktop application penetration testing
  • Provide system administrative support for enterprise infosec services(SentinelOne, Cisco Umbrella, etc)
  • Participate in company level security compliance efforts
  • Administer the company’s bug bounty program and work with the engineering team for remediation
  • Develop proof-of-concepts, triage security bugs, and notify the appropriate engineering teams
  • Evangelize security within the company and be an advocate for customer trust and privacy protection
  • Work with the Security Advocates from the various Engineering teams to promote security within the organization
  • Work as a technical liaison to security vendors
  • Other duties as assigned

Skills We’re Excited About

  • BS in Computer Science or equivalent preferred
  • Experience implementing security solutions at various company sizes and system complexity
  • Professional development experience using at least one major programming language such as C, C++, Java, C#, and/or Python
  • Excellent written and verbal communication skills
  • At least 3 years of experience in application-level vulnerability testing and auditing
  • At least 2 years of experience working with development teams that have delivered software-based services, preferably in an agile environment
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SSH, TLS, routing protocols)
  • Knowledge of system security vulnerabilities and remediation techniques
  • Experience with encryption technologies and authentication processes including but not limited to OAuth, SSL/TLS, WPA2, JWE, and BLE encryption
  • Experience with security testing tools such as Burp Suite, OWASP, Zap or related

Nice to Have

  • At least 3 years of system, network and/or application security experience
  • Experience with service-oriented architecture and web services security
  • Experience with the application of threat modeling or other risk identification techniques Scripting skills with Bash, Ruby, Python or Perl
  • Experience in system administration and support
  • Excellent leadership skills and teamwork skills
  • Results oriented, high energy, self-motivated
  • Experience integrating security code analysis tools in the SDLC
  • Experience with binary reverse-engineering using tools such as IDA Pro, radare2, OllyDbg, and hex editors
  • Experience working with teams in multiple geographical locations

GoPro Highlights

  • Get your very own GoPro camera + gear
  • Medical, dental, and vision insurance – premiums are 100% paid for employees, 80% paid for dependents
  • Life insurance and disability benefits
  • Generous time off policy
  • 12 weeks paid parental leave for new parents
  • Pre-tax and Roth 401(k) options
  • Discounted employee stock purchase plan (ESPP)
  • LiveHealthy monthly wellness reimbursement
  • Innovative remote-friendly wellness classes and events
  • Flexible work arrangements
  • Opportunities to get involved in the causes that you care about (annual camera donation + volunteer events)

We strive for the day that no group can be described as underrepresented at GoPro – whether as part of our brand or in our workforce. We are committed to providing a more inclusive, representative, equal, just and happy world. GoPro is proud to be an Equal Opportunity Employer.

The ranges added below are for Colorado-based hires only and will be dependent on candidate experience. Pay ranges for candidates in other locations other than CO may differ. Pay range: $108,375-$127,500

Our Mission

GoPro frees people to celebrate the moment, inspiring others to do the same. From cameras to apps and accessories, everything we do is geared to help you capture life as you live it, share the experience and pass on the stoke. We believe that sharing our experiences makes them more meaningful and way more fun.

GoPro was founded in 2002 by Nick Woodman—a surfer, skier and motorsports enthusiast in search of a better way to film himself and his friends surfing. What started with a 35mm camera and a wrist strap made from old wetsuits and plastic scraps has grown into an international company that has sold over 26 million GoPro cameras in more than 100 countries.

But it’s the millions of passionate GoPro users around the globe who bring the magic to life. They humble and inspire us every day with incredible creativity that helps us see the world in an all-new way—and fires us up to keep creating the most awesome, innovative products possible.

Get Notified of Open Positions!

Sign up to receive emails when GoPro posts open positions you might be interested in:

First Name

Last Name

Email

Tel # (Optional)

Location (Optional)

Current Company (Optional)

Current Job Title (Optional)

{{alert.msg}}