Senior Security Engineer
Engineering | San Francisco, CA
Our first API helps you programmatically send physical mail at scale. Our second is address verification—officially CASS-certified by the USPS. But our long-term goal is to provide the building blocks for developers to automate the offline world through APIs. We’re looking for great problem-solvers to help us figure out how.
As a member of our security team, you’ll protect the data of hundreds of millions of mail recipients, ensure new products and designs are architected safe by default, build monitoring and detection systems, work collaboratively with developers to educate them about security and squash vulnerabilities, and help us achieve our compliance and regulatory goals.
We take a systemic approach to security, and strive to ensure we provide low friction high-impact wins across everything we do. The role includes significant autonomy towards defining problem spaces and a mandate to build viable tools which are both internally- and externally-facing. A significant part of this job is meant to attract a multidisciplinary engineer. This is a great opportunity for someone who wants to have a large sense of ownership, grow extraordinarily in their career, and develop cross-functional technical & soft skills, not just related to application/infrastructure security but securing all aspects of a fast-moving hypergrowth startup.
Our engineering team values agility, collaboration, and autonomy. We’re building a team of not just strong problem-solvers, but great collaborators—engineers who are excited to teach and learn from each other, share decisions and information freely, and work together on new problems that no other companies have solved before. Come join the best people in the business.
As a senior security engineer, you’ll...
- Be a security subject matter expert and respond to any internal and external customer security engineering questions/requests
- Support and advise software engineering teams in the design of secure software. Coach and mentor other engineers
- Develop, implement, and communicate vulnerability mitigation strategies to development teams
- Threat model and pentest our internal and external applications
- Design, evangelize and implement security processes, technical controls, and architecture design patterns to enhance Lob's ability to prevent, detect, and analyze malicious activity
- Participate in defining security-related end user features in the Lob product
- Recommend and deploy tooling to manage security in the deployment pipeline as well as production systems
- Balance security risk with business goals and agility
For this role, we’re looking for...
- Proven interpersonal skills: Ability to explain complex technical issues to both technical and non-technical audiences. Collaborative approach to mentoring software engineers on the development of secure code
- Broad exposure to various security disciplines (at least 2 of application security, infrastructure security, incident response, account security, and risk & compliance), and understanding of the core principles behind security concepts
- Strong knowledge of web architecture, cloud and application architectures, and related security principles
- Systematic problem solving approach, coupled with a strong sense of ownership and drive
- Experience securing AWS based environments a plus, including security of different AWS Services, design of VPC architectures, best practices for IAM configuration and security of data within and across AWS accounts
- Experience with NodeJS and Golang a plus: having opinionated approaches to preventing and detecting vulnerable code patterns at scale
- Experience with Kubernetes and service mesh deployments a plus: CVE scanning, RBAC, mTLS, network security policies, pod security contexts, etc.
We’re not just building a platform to make the world programmable. We’re also designing a great place to work.
Our team loves working at Lob because...
- Lob was built by technical co-founders with a vision to make the world programmable. We offer two flagship APIs (print & mail and address verification)
- Our business model is incredibly sustainable and Lob has thousands of customers ranging from startups to Fortune 100 companies. Customers use Lob’s suite of APIs to mail fully dynamic and personalized customer communications with print media
- Venture-backed by the most reputable investors in tech, we have the funding to invest in fast growth
- We are a small but dynamic and passionate team based in San Francisco. We give our employees a lot of responsibility and ownership of their work. You will have fun at work while engaging in challenging projects with the best and brightest
- Our perks include:
- Health benefits for you and your dependent(s)
- Flexible Spending Accounts
- Open vacation policy
- Commuter benefits
- Wellness program
- Paid parental leave
- Ground floor opportunity as an early member of the Lob team; you’ll directly shape the direction of our company
- Free lunch, dinner, and snacks