Software Security Engineer


Palo Alto, CA, US
  • Job Type: Full-Time
  • Function: IT
  • Post Date: 02/22/2021
  • Website:
  • Company Address: 530 Lytton Avenue Suite 301, Palo Alto, CA, 94301

About Yubico

Yubico sets new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts.

The company’s core invention, the YubiKey, delivers strong hardware protection, with a simple touch, across any number of IT systems and online services. The YubiHSM, Yubico’s ultra-portable hardware security module, protects sensitive data stored in servers.

Job Description

Yubico’s mission is to create a safer internet for everyone. Our core invention, the YubiKey, a hardware-based token, revolutionized secure logins for top Internet brands, including Google and Facebook, and for millions of users in 160 countries. Collaboration and innovation are at the core of our culture, as we expand to more advanced software and services for encryption and Internet of Things (IoT). We are a multinational, fast-growing company, offering an opportunity to bring your ideas to life with our global team.
The Role
The Product Security team is responsible for ensuring Yubico develops and maintains secure products and services. As part of the Product Security team, you will collaborate with a diverse set of engineering teams to integrate solutions that support secure design and development practices. You will also employ a combination of static and dynamic analysis methodologies to identify and remedy complex vulnerabilities across our products and services. 
If you are looking for a fun challenge, are passionate about security, and want to work at a security-oriented company, this opportunity is for you. 


    • Define and evangelise requirements and guidance for secure by design and secure by default principles
    • Implement automation to prevent and detect security flaws in all phases of development
    • Conduct design reviews and manual security assessments of our software 
    • Lead training and awareness sessions
    • Define and implement metrics to provide visibility into the impact of your work
    • Define, lead, and influence processes to secure products and services
    • Identify and advocate for new and novel uses of Yubico’s technology

Required Skills & Experience

    • 3+ years in a product security role
    • 5+ years of software development
    • Proficiency in threat modeling
    • Proficiency in Go, C#, Python or Java
    • Knowledge of common vulnerability classes

Optional Skills and Experience

    • Bachelor’s or Master's degree in Computer Science or similar fields
    • Knowledge of WebAuthn, OATH HOTP, OATH TOTP, U2F, PIV, or OpenPGP
    • Experience developing solutions on Google Cloud, Azure, or AWS
    • Proficiency in C/C++, Rust, or Javascript
    • Formal experience training on secure development concepts and practices

Job Details

    • Candidate must be able to travel to Yubico’s other offices two times per year. Travel is subject to COVID-19 restrictions and precautions.
    • Start date: immediately
    • Hours: full time
    • Competitive salary + Bonus + Benefits + Stock options
Our benefits include:
Comprehensive health plans, including dental and vision
Wellness reimbursement
Equity in the company
Learning and development
Parental leave
Education allowance
We are an equal opportunity employer, we value diversity and uphold an inclusive environment where all people feel that they are equally respected and valued. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, gender expression, age, marital status, religion, national origin, veteran or disability status. We'd love to learn about what you can add to our diverse team.
Personal data submitted through this form is used for the legitimate business interests of managing Yubico’s recruitment and hiring related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. 
Your personal data will be retained in compliance with Yubico’s record retention policies, as long as necessary for the purpose for which it was collected including the consideration for relevant future employment opportunities.
If you do not want us to reach out to you or use your information as described herein please contact us at [email protected] to let us know and we will delete all such information. Providing your personal data is voluntary, but necessary to join our talent community, and if you do not agree to provide your data, we will not be able to consider you as part of our talent community
As part of providing the requested service, we will transfer your data to be processed by Lever, Inc., a service provider contracted by Yubico AB and/or its subsidiaries that meets legally mandated privacy requirements.The Yubico Privacy Notice offers more information about Yubico privacy practices, including the lawful basis for processing of personal data, how to lodge a complaint with the supervisory authority, and how to contact Yubico to exercise your data subject rights.

Related Jobs

Software Engineer (Java, Android)

Yubico - Stockholm, SE

Senior Sales Manager, France

Yubico - Paris, FR

Product Designer - hardware & software

Yubico - Stockholm, SE

Sales Engineer / Solutions Engineer

Yubico - Remote

Key Account Manager, France

Yubico - Paris, FR
Disclaimer: Local Candidates Only
This company does NOT accept candidates from outside recruiting firms. Agency contacts are not welcome.