Yelp is looking for security engineers to keep us safe and sane as we build out our desktop, mobile, business owner, and administrative websites. It's an opportunity to have tremendous impact and broad scope protecting Yelp's data, our employees, and our millions of users. Additionally, Yelp’s future growth in the transactions space has many security implications, both in traditional application security as well as in privacy controls and fraud and risk analysis.
As a Software Engineer in Security, you will be responsible for partnering with different engineering teams at Yelp to help build features, tools, and libraries to enable security by default. You’ll also work to identify and fix vulnerabilities in the products we build, as well as work with external security researchers through our public bug bounty program.
What You Will Do:
Develop and deploy authentication and security related components of Yelp’s website and mobile apps.
Develop libraries used across multiple Yelp apps for secure communication and data storage.
Pair with mobile, frontend, and backend teams to architect and develop features in a secure, and scalable manner.
Validate and remediate vulnerabilities reported in our bug bounty.
We Are Looking For:
While previous application security experience is a plus, we are looking for strong software generalists first, with an interest in application security.
Understanding of HTML5, current, and emerging browser security models.
Understanding of PKI and key management.
3-5 years of software engineering experience.
BS or MS in Computer Science or Engineering.
Experience with AWS and SoA.
Experience with securing iOS and Android applications.
Security research or pen testing experience.
This year we're focused on three things:
Amazing features specifically for the creators of Yelp's unmatched local review content - namely our incredible community.
International expansion - bringing Yelp to the world.
Closing the loop with local businesses - Yelp Platform and more tools to help businesses see the value they're getting from Yelp.