Senior Security Engineer
ENGINEERING | SAN FRANCISCO, CA
Our first API helps you programmatically send physical mail at scale. Our second is address verification—officially CASS-certified by the USPS. But our long-term goal is to provide the building blocks for developers to automate the offline world through APIs. We’re looking for great problem-solvers to help us figure out how.
As a member of our security team, you’ll protect the data of hundreds of millions of mail recipients, ensure new products and designs are architected safe by default, build monitoring and detection systems, work collaboratively with developers to educate them about security and squash vulnerabilities, and help us achieve our compliance and regulatory goals.
We take a systemic approach to security, and strive to ensure we provide low friction high-impact wins across everything we do. The role includes significant autonomy towards defining problem spaces and a mandate to build viable tools which are both internally- and externally-facing. A significant part of this job is meant to attract a multidisciplinary engineer. This is a great opportunity for someone who wants to have a large sense of ownership, grow extraordinarily in their career, and develop cross-functional technical & soft skills, not just related to application/infrastructure security but securing all aspects of a fast-moving hypergrowth startup.
Our engineering team values agility, collaboration, and autonomy. We’re building a team of not just strong problem-solvers, but great collaborators—engineers who are excited to teach and learn from each other, share decisions and information freely, and work together on new problems that no other companies have solved before. Come join the best people in the business.
As a senior security engineer, you’ll...
Be a security subject matter expert and respond to any internal and external customer security engineering questions/requests
Support and advise software engineering teams in the design of secure software. Coach and mentor other engineers
Develop, implement, and communicate vulnerability mitigation strategies to development teams
Threat model and pentest our internal and external applications
Design, evangelize and implement security processes, technical controls, and architecture design patterns to enhance Lob's ability to prevent, detect, and analyze malicious activity
Participate in defining security-related end user features in the Lob product
Recommend and deploy tooling to manage security in the deployment pipeline as well as production systems
Balance security risk with business goals and agility
For this role, we’re looking for...
Proven interpersonal skills: Ability to explain complex technical issues to both technical and non-technical audiences. Collaborative approach to mentoring software engineers on the development of secure code
Broad exposure to various security disciplines (at least 2 of application security, infrastructure security, incident response, account security, and risk & compliance), and understanding of the core principles behind security concepts
Strong knowledge of web architecture, cloud and application architectures, and related security principles
Systematic problem solving approach, coupled with a strong sense of ownership and drive
Experience securing AWS based environments a plus, including security of different AWS Services, design of VPC architectures, best practices for IAM configuration and security of data within and across AWS accounts
Experience with NodeJS and Golang a plus: having opinionated approaches to preventing and detecting vulnerable code patterns at scale
Experience with Kubernetes and service mesh deployments a plus: CVE scanning, RBAC, mTLS, network security policies, pod security contexts, etc.
We’re not just building a platform to make the world programmable. We’re also designing a great place to work.
Our team loves working at Lob because...
Our business model is incredibly sustainable and Lob has thousands of customers ranging from startups to Fortune 100 companies. Customers use Lob’s suite of APIs to mail fully dynamic and personalized customer communications with print media
Venture-backed by the most reputable investors in tech, we have the funding to invest in fast growth
We are a small but dynamic and passionate team based in San Francisco. We give our employees a lot of responsibility and ownership of their work. You will have fun at work while engaging in challenging projects with the best and brightest
Our perks include:
Health benefits for you and your dependent(s)
Flexible Spending Accounts
Open vacation policy
Paid parental leave
Ground floor opportunity as an early member of the Lob team; you’ll directly shape the direction of our company
Free lunch, dinner, and snacks