Security

Remote (US - Based)

Sr. Staff Product Security Engineer

Grow with us.

A job at Latch is more than just that - it's the opportunity to look forward to every day ahead. We share passion, dedication, and sheer love for what we do.

So, what are you waiting for?

Renting a home is the world's oldest subscription service. People spend thousands of dollars every month for an experience that is outdated, inconvenient, analog, impersonal, and leaves a lot to be desired. Latch is working to make every building better, and while we've methodically executed this mission since our founding with great success, we're just getting started.

Leveraging our knowledge from companies like Apple, BCG, and IDEO, we’ve rethought how people interact with space. Latch delivers a full-building operating system designed to help owners, residents, and third parties like guests, couriers, and service providers, seamlessly experience the modern building. We’ve done this by combining software, devices, and services into a holistic platform that makes spaces more efficient, enjoyable, and profitable.

The next chapter of the Latch story will be our most exciting yet, and we’re looking for more talented team members to help fuel our growth.

 

Required Experience: 12+ years of experience required 

Job Location: Remote, may require occasional travel to New York City or San Francisco offices.

 

This position will be primarily responsible for the development and management of product security requirements, architecture, design, testing, and appropriate documentation as guided by Latch product standards. You will work closely with development teams to build in security throughout the product life cycle and to test and verify the implemented controls.

You will also interface with the Information Security team and application leaders to provide threat models, assessments, reporting, guidance, and assistance with remediation where applicable.

Responsibilities:

  • Product security architecture, design, and engineering requirements and processes
  • Embedded device security testing and review
  • New product development security needs
  • Product security parameters, features, and configuration policies
  • Product security testing (internal and external)
  • Bounty Program bug report confirmation and triage /w remediation guidance
  • Retesting/fix confirmation and approval
  • Application security
    • Code review / Coding best practices
    • VRM process for libraries and third party code approval
  • Development specific security training
  • Product PKI Infrastructure design and key management processes
  • Manufacturing security / Manufacturing security design
  • Security aspects of product provisioning and configuration process
  • Product Incident Response
  • Product security monitoring
  • Development environment security
    • Jenkins/Bamboo/GitHub/BitBucket specific security concerns

Qualifications:

  • Bachelor's degree in Information Security, Computer Science, Information Systems Management, or related field from a 4 year college or university or demonstrated equivalent experience.
  • Minimum of 3 years of embedded device security engineering or related experience, or an equivalent combination of experience with embedded systems or IoT security, web or mobile security, secure software development, cryptography, network security, or penetration testing
  • Experience with public key cryptography architectures and management of x509 certificate based hierarchies, particularly through the use of hardware secure elements or hardware security modules.
  • And understanding of network, web, and wireless protocols (such as TCP/IP, SSL/TLS, 802.11a-g, Zigbee, ZWave, NFC)
  • Experience with some if not all of the following technologies:
    • Embedded C
    • Python
    • AWS IoT (MQTT)

Founded in 2014, Latch now has 200+ team members working to make spaces better places to live, work, and visit. 

We offer unlimited Paid Time Off, a comprehensive benefits package, mental health support, and an environment where employees are surrounded by creative, empowered, and dynamic peers.

In conjunction with our ​core values​: Contagious Determination, Humility, Trust, Inclusion, Action with Intent, and Privacy, we approach our work with care and a sense of duty, to make the world a better space.

We embrace diversity and strive to create an inclusive and equitable environment for all.

Applicant Privacy Notice