Information Security Engineer
Glowforge is a beautiful device that sits on your desk. It uses a laser to carve and engrave products from raw materials like wood, leather, acrylic – even cardboard.
If you haven’t already, check out our video on glowforge.com. While you’re there, you’ll notice something amazing: Glowforge is one of the most funded preorder campaigns of all time. We’re not creating a geeky tool for the tech elite; we’re crafting an iconic product that is going to change the way people think about creativity.
Our founders are three creators from different backgrounds (hardware, software, design) who’ve each turned products into multimillion-dollar businesses. We’ve got a full electronics lab, machine shop, and makerspace, with 3D printers, sewing machines, optical benches, scrapbook cutters, and a 7-ton CNC vertical mill. This is a company for people who are passionate about creating things, from clothes to furniture to machines to food. If that’s you, we’re going to do amazing things together.
Why we need you
One of the unusual things about the Glowforge architecture is that we moved many of the hard engineering problems from hardware to software. Each Glowforge must coordinate every movement of the laser, every fan adjustment, and every sensor reading with our cloud service. While we have local safety precautions, our service depends on a thoughtful and robust security architecture.
Our team is composed of software generalists and we know that you’re one too, but we particularly want your passion and thoughtfulness around security. While you’ll do lots of things here, you’ll be the go-to person for security matters, and will spread your knowledge and experience through an organization that is eager to learn. Your expertise will be a crucial part of making Glowforge the reliable, trustworthy, and delightful service our customers are waiting for.
While this role is written for someone with a four-year degree and several years of industry experience, if you’re great at what you do and excited about what we do, we want to talk to you — whether you’re brand new to the industry or you’ve been a veteran architect for decades.
Here’s what you’ll be doing
- First and foremost, any task that helps us create an amazing product for our customers — which will include stretching your coding skills in new directions and pitching in when your colleagues need help.
- Ensuring our services, software, and infrastructure are designed and implemented to the highest standard to be deserving of our customers’ trust.
- Analyzing and architecting system services, device firmware, networks and applications from a security perspective.
- Detecting and deflecting any new security issues that may appear.
- Participating in security audits, as well as defining and driving the adoption of secure development best practices and system risk analysis for the entire Glowforge ecosystem
- Building the software to fabricate the future – not just another CRUD app.
You need these qualifications
- You write copious amounts of thoughtful, high-quality code.
- You’ve been responsible for implementing security solutions in a shipping product.
- You’re excited about being personally responsible for making Glowforge successful, and you’re comfortable navigating ambiguity that arises in a startup environment, adjusting to changing priorities, and moving confidently even when guidance is limited.
- You’re passionate about topics ranging from cryptography, authentication protocols, engineering best-practices, and system and network security.
- You know what it takes to ship great software on time that doesn’t sacrifice the security of its customers’ data.
It would be nice if…
- You’re proficient with threat modeling or other risk identification techniques
- You have experience with system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
- You’re familiar with the security challenges of internet-enabled hardware
Please send us your resume, plus something so we can get a sense of your work. For example, we’d love to see your Github profile.
One more, very important thing: we are an equal opportunity employer and value diversity at our company. We’re strongly committed to providing equal employment opportunity for all employees and all applicants for employment. For us, this is the only acceptable way to do business.