Skip to Main Content

Senior Software Engineer - Security & Identity

Output Los Angeles, CA

  • Posted: over a month ago
  • Full-Time
Job Description

Love music? Come sit with us. At our core, we help creative people make better music with cutting edge technology.

Output is one of the most influential and fastest-growing music-making software companies in the world used by the likes of Drake, Bjork, Rihanna, and Coldplay, to name a few. Our focus is to inspire a new generation of music makers with a platform that brings the power of a studio to anyone, wherever they are. With groundbreaking products providing new sources of inspiration and sound; here at Output, we are on an endless journey to revolutionize the way creators make music. 

Since raising a $45 million Series A investment, the Output team is growing, and we're looking for an experienced Senior Software Engineer who specializes in the Security and Identity domains.  The ideal candidate will be an expert on auth best practices, architecture and implementation, and equally comfortable providing incident support during an bot attack, providing mitigations and updating our WAF firewall rules.  We're looking for someone with a broad tech background to be able to mentor backend, web and frontend engineers on security best practices, and able to guide us to stamp out security vulnerabilities over time.  They will need to work closely with engineering and business stakeholders across platform and client engineering.  A successful candidate must be self-motivated, detail-orientated, technically savvy, and energized to chart the course for the Output's future security engineering roadmap.

 

How you'll add value:

  • Provide security tech leadership - Be able to work cross-team across engineering, with a focus on platform engineering including the web and API teams
    • Security
      • Ability to identify and prioritize security vulnerabilities - across website, APIs, client applications, and internal tools - and work with teams to execute tasks to improve 
      • Web security setup and configuration via CloudFlare or other providers - including WAF configuration, DNS, firewall rules, API rate limiting approaches and tools
      • Experience configuring VPN, VPC, etc with cloud providers like GCP, AWS, etc.
      • Security attack incident management and response for DDOS, cred-stuffing, etc - Able to identify impact and prescribe short- and long-term remediations to minimize security risks and customer impact
      • Familiar with recaptcha, MFA, and other verification methods 
      • Prioritize security risks, create team follow-up actions, organize security bug bounties and bashes as needed
      • Be a voice and advocate for security best practices - Plan and execute security projects across the org to increase security awareness and reduce vulnerabilities
      • Problem solver - Able to identify source and intent of attacks and potential security breaches, find commonalities in malicious traffic patterns
    • Identity
      • Be a subject matter expert on authentication and authorization
      • Work closely with our backend team on auth related projects and ensure code meets security standards
      • Be the tech lead for data privacy related projects
      • Deep experience applying latest auth technologies and techniques including migrating to more secure approaches on productions systems at scale
      • Familiar with JWT, token revocation, HTTPS/TLS, etc.
      • Experience with cloud identity providers and IAM (GCP, AWS, Auth0) 
      • Able to guide tech teams on identity architectural patterns and best practices
      • API keys, request signing, public/private key approaches, CAs, encryption algorithms and hashes
      • Experience including security in CI/CD processes
    • Act as an engineering role model for security engineering at Output
      • Set high standards and lead by example on security engineering best practices - including how security concerns impact architecture, code reviews, development best practices, API services design, database implementation, CI/CD processes, prod-readiness, etc.
      • Lead the charge to improve security through metrics, KPIs and concrete measurable next steps
  • Be able to wear the tech product owner and project manager hat as needed in the security engineering space as needed

What you'll need to be successful in this role:

  • 5+ years hands-on experience in security and identity software engineering for production systems 
  • CS / EE degree or similar experience
  • Strong leadership, mentoring, and communications skills to advocate for security
  • Strong partnership and relationship building skills - Able to partner closely with Product, Engineering, and QA peers 
  • Strong decision making, prioritization skills and focus - Able to shield the team from external noise while focusing them on the highest value work
  • Broad exposure to software technologies, languages, frameworks, and tools ranging from web tech to backend api's and services, to client UI frameworks, libraries, and binaries  
  • Strong stakeholder management skills - Able to manage stakeholder expectations, project risk, and anticipate stakeholder needs
  • Experience in setting up security observability, monitoring, and alerting
  • Bonus: Passion for democratizing music making and empowering creative music makers

Output has made a name for itself as one of the fastest growing, creative, and influential music-making software companies in the world. The likes of Kendrick Lamar, Bjork, Rihanna, James Blake, Imagine Dragons, Justin Timberlake, Nine Inch Nails and many more use our software to write music as well as hit shows and films like Stranger Things, Game of Thrones, and Black Panther.

We are a strong group of like-minded music makers and music lovers sharing the common goal of helping music makers around the world be creative. We're bonded by music. We're motivated by challenging and fulfilling work. And we always do it while having fun. 

We have adapted our working styles and have successfully launched new products, achieved record sales and we continue to thrive as a team all while working remotely. We have embraced the "work from anywhere revolution" and will continue to hire all roles remotely unless otherwise stated. Our Los Angeles office will remain open to those needing a space or looking for a place to collaborate with other teams. Our culture has always valued our employee's work-life balance and we offer 5 weeks of PTO, excellent health care, and a community of music enthusiasts- with access to our music studios (once it is safe to return).

Privacy Policy for California Candidates

Output

Address

Los Angeles, CA
USA

Industry

Real Estate

View all jobs at Output

What email should the hiring manager reach you at?

By clicking the button above, I agree to the ZipRecruiter Terms of Use and acknowledge I have read the Privacy Policy, and agree to receive email job alerts.