Senior security Engineer

We want to make work and study more efficient and enjoyable, by providing the best digital paper solution possible. We plan to be the go-to tool for all forms of notes. Our digital paper and learning ecosystem inspires anyone to take notes, share what they know, collaborate with others, and learn as a community

Our Values:

Dream big

—Be visionary, strategic, and open to innovation

Build great things

—Work in service of our users, always improving and pushing higher

Take ownership

—Take responsibility with bold decision-making and bias for action

Win like a sports team

—Be trusting and collaborative while empowering others

Learn and grow fast

—Never stop learning and iterate fast

Share our passion

—Share ideas and practice enthusiasm and joy

Be user obsessed

—Empathetic, inquisitive, practical

About the team:

You will join a distributed team across Europe and Asia with shared time for collaboration such as planning, retros, stand-ups and brainstorming sessions. You will work alongside other iOS engineers, backend engineers, QAs and designers to improve our real-time collaboration features, which are used by millions of users around the globe.

About the role:

As a Senior Security Engineer in Goodnotes, you will own the security of our cloud-based platforms and services on AWS, as well as contributing to the overall security strategy of the organization.

This is the role for you, if you’re excited to work on the things listed below:

• Design, implement, and maintain security architectures and strategies for AWS cloud environments.
• Monitor and analyze security alerts, logs, and reports to detect and respond to potential threats.
• Lead incident response activities and perform root cause analysis to prevent future incidents.
• Collaborate with cross-functional teams to integrate security into application development and deployment processes.
• Work with legal team to develop and enforce policies for secure cloud operations.
• Provide expert guidance on AWS security services and features to internal teams.
• Stay up-to-date with emerging security threats, technologies, and trends.
• Setup and run bounty programs.

The skills you will need to be successful in the above:

• 5 years+ experience in a security engineering role with a focus on AWS environment.
• Strong knowledge and experience with security standards and frameworks (e.g., SOC2, ISO 27001, etc)
• Strong knowledge and able to write IaC for AWS security services and features, such as IAM, Security Groups, VPC, KMS, CloudTrail, and GuardDuty, AWS Control Tower
• Ability to lead new projects with a high degree of autonomy and ownership
• Experience in real-time collaborative application (i.e. Google Doc) is a plus.
• Excellent problem-solving and analytical skills.
• Strong communication and collaboration skills.
• Actually have hands on experience in reporting CVEs is a big plus
• (bonus): security-related certifications (i.e. AWS Security Specialist, GCP Security Specialist, etc..)

Even if you don’t meet all the criteria listed above, we would still love to hear from you! Goodnotes places a lot of value on learning and development and will support your growth if needed.

The interview process:

• An introductory call with someone from our talent acquisition team. They want to hear more about your background, what you are looking for, and why you’d like to join Goodnotes
• A short online coding skills test
• A live coding call with one of our engineers. This is where you get to see what it would be like working at Goodnotes as well as the chance to ask any engineering questions you may have
• A call with your hiring manager. This is the person who will be managing you day to day, working on your growth and development with you as well as supporting you throughout your career at Goodnotes
• Values interview

What’s in it for you:

• Meaningful equity in a profitable tech startup
• Budget for things like noise-cancelling headphones, setting up your home office, personal development, professional training, and health & wellness
• Sponsored visits to our Hong Kong or London office every 2 years
• Company-wide annual offsite (we met in Portugal in 2023 and will go to Bali in 2024)
• Flexible working hours and location
• Medical insurance for you and your dependents