Product Security Engineer at Frame.io
New York City, NY, US

Why Frame.io?

At Frame.io, we’re powering the future of creative collaboration. Over 700,000 video professionals use Frame.io to seamlessly share media and gather timestamped feedback from team members and clients. Simply put, we help companies create better video, together.

We want you to get better too. We believe that we have a duty to be the stewards of your career, both at Frame.io and beyond. Having conversations about your entire career and not just your time here helps align our incentives and makes everything so much easier.

Frame.io is backed by Accel, SignalFire, FirstMark, Jared Leto and a host of other phenomenal investors. We've built a highly functional and market-leading product used and loved by companies such as Turner, Disney, NASA, Snapchat, BBC, BuzzFeed, TED, Adobe, Udemy, and many more.

 

About the Role

We are looking for a highly motivated, adaptable and talented Product Security Engineer who is an expert in building/breaking/educating. Your work will directly impact the experience of our highly passionate creator community. We are looking for natural innovators who strive to continuously improve and learn. 

  • Work independently with developers, product owners, and other colleagues to ensure secure design, development, and implementation of our applications
  • Review application security controls and designs prior to live implementations of new features or products
  • Serve as the security expert and communicate information security-related concepts to technical and non-technical team members
  • Evangelize secure code development practices internally

 

What we think you'll need to be great at this job…

  • Strong foundation in and an in-depth technical knowledge of application security, particularly web application and iOS security
  • Keen ability to break the applications in order to uncover security flaws
  • Strong understanding of secure SDLC practices and the ability to implement them
  • Strong understanding of cryptographic algorithms and protocols
  • Expertise in application security related concepts, such as authentication, authorization, data integrity, session management, access controls, and input/output handling
  • Experience in managing vulnerability management programs
  • Experience conducting application penetration tests
  • Proficient in one or more of the programming languages (Elixir, Node.js, Python, Go)
  • Willingness to tackle any challenge, even if not directly relevant to core competencies
  • AWS knowledge is a plus

 

Benefits

  • Competitive salary and equity
  • Medical, Dental, & Vision Insurance
  • OneMedical membership
  • Daily catered lunch & fully stocked kitchen with cold brew on tap
  • Unlimited PTO
  • Volunteering paid time off
  • Work From Anywhere Week
  • Pre-tax commuter benefit
  • Discounted gym membership
  • ClassPass discount
  • Free Citi-Bike membership
  • Paid parental leave
  • Flexible Spending Account
  • Influence in a small, fast paced team

At Frame.io, we believe that learning from different backgrounds and perspectives will allow us to elevate each other and help us build a better product for our users.

We are proud to be committed to equal employment opportunity, regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status.