Our mission is to grow and share the world's knowledge.
Software Engineer - Security
$135k – $190k estimated
The vast majority of human knowledge is still not on the internet. Most of it is trapped in the form of experience in people's heads, or buried in books and papers that only experts can access. More than a billion people use the internet, yet only a tiny fraction contribute their knowledge to it. We want to democratize access to knowledge of all kinds — from politics to painting, cooking to coding, etymology to experiences — so if someone out there knows something, anyone else can learn it. Our mission is to share and grow the world's knowledge, and we're building a world-class team to help us achieve this mission.
About the Team:
Our small engineering team works on challenging problems every day. We have a culture that's rooted in constantly learning and improving, and our engineers are encouraged to think big and experiment with new ideas. Using continuous deployment, we quickly see our changes in the product and make fast iterations. Our engineers focus on creating polished products and writing high quality code by designing APIs and abstractions that are extensible and maintainable. Everyone on the engineering team has a huge impact on our product and our company.
About the Role:
The Software engineer of security is a key member of the Infrastructure team to own and improve the security of cloud Infrastructure and Quora services. This person will define and assess the organization’s security strategy and policy, identify security areas for improvement and drive for results.
* Design, develop, and deploy applications to monitor cloud Infrastructure security and detect intrusions
* Deploy open-source tools or develop in-house solutions for OS hardening, access logging & analysis
* Build features or tools to ensure strong security in Quora product
* Provide security guidance to engineering teams and work with the product engineer on securing customer data in compliance with regulations such as GDPR and CCPA
* Drive the definition and implementation of security policies and monitor in conformance to the policies
* Conduct initial incident triage; determine scope, urgency, and potential impact of security incidents; lead and coordinate the incident response process
* Bachelors or Masters' degree in Computer Science or Information Security
* 2+ software engineer development experience
* Strong passion for working on infrastructure or product security areas
* Attention to details and good communication and collaboration skills, be self-motivated and have a strong sense of ownership of tasks
* 2+ years working on AWS running multiple production workloads
* 2+ years of experience in Infrastructure and Information Security
* Knowledge of AWS security best practices and security controls using AWS services such as IAM, Cloudtrail, CloudWatch, etc…
* 2+ years in experience in building security features of a consumer-facing or corporate-facing product
* Experience with applications for access logging, centralized logging, and monitoring/alerting of security log events such as ELK, Splunk, SumoLogic
* Experience with system administration, 2FA, SSO, and OS hardening techniques for Linux environments
* Experience in bash and Python, container technology such as docker and Kubernetes
* Working knowledge of incident response, threat modeling, and mitigation
* Strong understanding of common internet protocols such as HTTP, DNS, SMTP, etc.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.