Senior security Engineer
Hong Kong
Goodnotes
Discover Goodnotes 6, the AI note-taking app loved by millions around the world.We want to make work and study more efficient and enjoyable, by providing the best digital paper solution possible. We plan to be the go-to tool for all forms of notes. Our digital paper and learning ecosystem inspires anyone to take notes, share what they know, collaborate with others, and learn as a community
Our Values:
Dream big
—Be visionary, strategic, and open to innovation
Build great things
—Work in service of our users, always improving and pushing higher
Take ownership
—Take responsibility with bold decision-making and bias for action
Win like a sports team
—Be trusting and collaborative while empowering others
Learn and grow fast
—Never stop learning and iterate fast
Share our passion
—Share ideas and practice enthusiasm and joy
Be user obsessed
—Empathetic, inquisitive, practical
About the team:
You will join a distributed team across Europe and Asia with shared time for collaboration such as planning, retros, stand-ups and brainstorming sessions. You will work alongside other iOS engineers, backend engineers, QAs and designers to improve our real-time collaboration features, which are used by millions of users around the globe.
About the role:
As a Senior Security Engineer in Goodnotes, you will own the security of our cloud-based platforms and services on AWS, as well as contributing to the overall security strategy of the organization.
This is the role for you, if you’re excited to work on the things listed below:
- Design, implement, and maintain security architectures and strategies for AWS cloud environments.
- Monitor and analyze security alerts, logs, and reports to detect and respond to potential threats.
- Lead incident response activities and perform root cause analysis to prevent future incidents.
- Collaborate with cross-functional teams to integrate security into application development and deployment processes.
- Work with legal team to develop and enforce policies for secure cloud operations.
- Provide expert guidance on AWS security services and features to internal teams.
- Stay up-to-date with emerging security threats, technologies, and trends.
- Setup and run bounty programs.
The skills you will need to be successful in the above:
- 5 years+ experience in a security engineering role with a focus on AWS environment.
- Strong knowledge and experience with security standards and frameworks (e.g., SOC2, ISO 27001, etc)
- Strong knowledge and able to write IaC for AWS security services and features, such as IAM, Security Groups, VPC, KMS, CloudTrail, and GuardDuty, AWS Control Tower
- Ability to lead new projects with a high degree of autonomy and ownership
- Experience in real-time collaborative application (i.e. Google Doc) is a plus.
- Excellent problem-solving and analytical skills.
- Strong communication and collaboration skills.
- Actually have hands on experience in reporting CVEs is a big plus
- (bonus): security-related certifications (i.e. AWS Security Specialist, GCP Security Specialist, etc..)
Even if you don’t meet all the criteria listed above, we would still love to hear from you! Goodnotes places a lot of value on learning and development and will support your growth if needed.
The interview process:
- An introductory call with someone from our talent acquisition team. They want to hear more about your background, what you are looking for, and why you’d like to join Goodnotes
- A short online coding skills test
- A live coding call with one of our engineers. This is where you get to see what it would be like working at Goodnotes as well as the chance to ask any engineering questions you may have
- A call with your hiring manager. This is the person who will be managing you day to day, working on your growth and development with you as well as supporting you throughout your career at Goodnotes
- Values interview
What’s in it for you:
- Meaningful equity in a profitable tech startup
- Budget for things like noise-cancelling headphones, setting up your home office, personal development, professional training, and health & wellness
- Sponsored visits to our Hong Kong or London office every 2 years
- Company-wide annual offsite (we met in Portugal in 2023 and will go to Bali in 2024)
- Flexible working hours and location
- Medical insurance for you and your dependents
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AWS Cloud GCP IAM Incident response iOS ISO 27001 Security strategy SOC 2 Strategy
Perks/benefits: Career development Equity Flex hours Flex vacation Health care Home office stipend Salary bonus Startup environment Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs