Security Trust Engineer

Say hello to possibilities.

It's not everyday that you consider starting a new career challenge. 

RingCentral, Inc. (NYSE: RNG) is a global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. The company provides unified voice, video meetings, team messaging, digital customer engagement, and integrated contact center solutions for enterprises globally. RingCentral's open platform integrates with leading business apps and enables customers to easily customize business workflows.

We're a $2 billion company that's growing at 30+% annually and we're expanding our  Engineering Team to make sure we stay ahead of the competition. RingCentral is headquartered in Belmont, California, and has offices around the world.

RingCentral understands that security, global availability, and always-on reliability are marketplace differentiators. RingCentral services must deliver robust functionality that is secure and reliable for customers, and their employees and customers, no matter where they are. The RingCentral CISO team, Information Security, is committed to working with network and application teams to realize service security. Within Information Security specifically, the Security Trust team is focused on trust and enablement: the provision of Security Trust assets with which to communicate Information Security's achievements in order to engender customer and public trust in RingCentral and our service.
The Security Trust Engineer uses this understanding of security and sales enablement along with data analysis and engineering skills to identify patterns and gaps in Security Trust's vendor security program and supply chain security activities. The Security Trust Engineer works with the team to collaborate on requirements, gather data on a regular cadence, and compile analyses and represent them to a variety of enterprise audiences.
The Security Trust Engineer plays a critical role in helping ensure the security, reliability, and trustworthiness of RingCentral products and services. The role represents Security Trust's interests with Security Operations and Product Development in designing, implementing, and maintaining secure systems, developing automated tools, and collaborating with various teams to embed security best practices throughout the software development lifecycle.
The ideal candidate will have a strong background in software engineering and data analysis, a deep understanding of security principles, and a proven track record of delivering robust and scalable solutions.
This is an exciting opportunity to grow in and contribute to a security concentration that is quickly evolving and highly relevant. The Security Trust Engineer is a professional who is excited by the explosion of advancements occurring in security, data, and artificial intelligence. RingCentral maintains the vision that data analytics helps the organization make better decisions by providing the right data at the right time. As a member of the team, creative thinking, a solid work ethic, and a passion for developing and delivering great solutions are a must.

Responsibilities:
● Security Architecture & Design:
○ Collaborate with engineering teams to design, review, and implement secure architectures for new and existing products and features.
○ Identify and mitigate security risks early in the development process.
○ Provide expert guidance on security best practices, secure coding guidelines, and vulnerability remediation.
● Secure Development & Automation:
○ Develop, implement, and maintain security tools, frameworks, and automation to enhance our security posture.
○ Automate security testing.
○ Implement security controls to be used by vendors and product teams.
● Vulnerability Management & Incident Response:
○ Participate in security assessments, penetration testing, and configuration checking for newly deployed vendors.
○ Analyze and triage security vulnerabilities, working with security operations and application security teams to ensure timely remediation.
○ Assist in responding to vendor security incidents, performing root cause analysis, and implementing preventative measures.
● Trust Asset Development and Program Reporting:
○ Maintain up-to-date representation of Security Trust team activities' ROI. This includes measurement of field team exposure to trust assets, and tracking how the assets enable revenue.
○ Use tools such as Power BI and Tableau to present a single pane of glass view to leadership, capturing the Security Trust team's sales enablement data and statistics to show growth, pain points, and related data.
○ Design and integrate tools, including leveraging AI, to support program needs of reporting on sales enablement and alerts in vendor monitoring .
○ Partner with other stakeholders to help improve Security Trust tools and processes.
● Collaboration & Education:
○ Work closely with business owners, vendors, and operations teams to embed security into every stage of the vendor implementation process.
○ Mentor and educate business owners on security best practices for vendor deployments.
○ Stay up-to-date with the latest supply chain security threats, technologies, and industry trends.

Qualifications:
● 5+ years of experience in a technical security-focused engineering role, such as Security Engineer, Application Security Engineer, or supply chain engineering.
● Strong proficiency in at least one, and ideally multiple, programming languages such as:
○ Python (highly preferred for automation and tooling)
○ Go
○ Java
○
○ C++/C#
● Solid understanding of security principles and common attack vectors such as OWASP Top 10, common web application vulnerabilities, API security, access controls, network protocols.
● Experience with cloud security best practices and technologies (AWS, Azure, GCP)..
● Hands-on experience with security tools and technologies such as:
○ Vulnerability scanners (DAST/Burp Suite, Qualys)
○ Configuration testing (APIs, access controls)
○ Credential verification
○ JIRA, Confluence
● Experience building and securing RESTful APIs and microservices.
● Solid data mining and analysis expertise, including integrating data from multiple sources.
● Experience using Power BI or Tableau.
● Excellent problem-solving skills and the ability to work independently and as part of a team.
● Strong communication and interpersonal skills with the ability to explain complex security concepts to technical and non-technical audiences.
● Bachelor's degree in Computer Science, Information Security, or a related technical field,or equivalent practical experience.
Bonus Points (Nice to Have):
● Relevant security certifications such as CISSP, CEH, OSCP, GSEC.
● Experience with blockchain application security or cryptography.
● Experience with compliance frameworks such as SOC 2, ISO 27001, GDPR.

What we offer: 

• Mediclaim Benefits

• Paid Holidays

• Casual/Sick Leave

• Privilege Leave

• Bereavement Leave

• Maternity Leave

• Paternity Leave

• Wellness Coaching

• Employee Referral Bonus

• Professional Development Allowances

• Night Shift Allowances