Crunchyroll

Crunchyroll is the world’s most popular anime brand, connects anime and manga fans across 200+ countries and territories with 360-degree experiences. We’re an international business focused on creating both online and offline experiences for fans through content (licensed, co-produced, originals, distribution), merchandise, events, gaming, news, and more. Visit our About Us pages for more information about our collection of brands and companies. 

About the Team

We are looking for a highly motivated and talented technical individual to join us as manager for the Security and Compliance team, a group responsible for strengthening the security architecture of our user-facing applications and responding to security incidents in this area. The Security & Compliance team is one of a few heads of our security domains and regularly works with other teams across the organization to protect these assets. As manager of the team, you’re responsible for representing to others where you see the biggest risks in our user-facing applications and how we can improve them.

Location: San Francisco

Our headquarters is located in downtown San Francisco, where our group of cross-functional experts assemble to create experiences for Crunchyroll and VRV’s passionate communities.

Crunchyroll COVID-19 Hiring Status 

Crunchyroll employees are currently working from home and we are still conducting remote interviews and hiring during this time. This role is expected to start remotely and we’ll work closely with you as we understand every person has unique circumstances. 

About You

The ideal candidate has a strong technical background, preference for measurement and modeling over perception and intuition, concern for data privacy and either knows about or was specifically involved in the exciting world of “DevSecOps”. If you enjoy fighting fraud and keeping our customers safe and happy, this is your chance to deliver GREAT JUSTICE.

Requirements

• Bachelors in Computer Science or Engineering, or equivalent work experience.
• 5+ years as a software engineer
• Experience with LAMP environments
• Experience with cloud-based infrastructure and its configuration
• 2+ years of experience with secure development practices and/or securing infrastructure
• Experience with common UNIX command-line operations and bash
• Experience with issue tracking software
• Sensitivity toward handling and exposure of sensitive data
• Knowledge of the OWASP Top 10

Pluses 

The ideal candidate has two or three of the below in addition to the above:

• You have worked with PCI-compliant systems
• You have performed risk assessments for other projects or organizations
• You have CISSP certification or a related security certification
• You have experience in technical training or have given presentations on technical topics professionally
• You’ve worked with bug bounty or vulnerability disclosure programs
• You have experience in a security operations center

A Day in the Life of Our Engineering Manager for the Security & Compliance Team

On any given day, you may find yourself doing the following:

• Identifying and managing vulnerabilities in our user-facing applications and infrastructure
• Working with other engineering teams to incorporate recommended security fixes
• Identifying projects that facilitate continued compliance with data privacy laws
• Cultivating secure development best-practices for the broader engineering organization
• Mentoring members of the Security & Compliance team
• Translating evaluated vulnerabilities for non-technical stakeholders
• Reviewing the vulnerability evaluations of other engineers in the team
• Ensuring that user-submitted exploits being identified through our bug bounty program are evaluated and responded to alongside internally-identified vulnerabilities

Additionally, you’ll be expected to:

• Annually review top software application vulnerabilities and their prevention
• Model the risk of outstanding vulnerabilities and the impact they can have to the organization for regular threat reports
• Help coordinate members of the team in the event of a security incident and provide updates to stakeholders

Benefits: San Francisco Office

• Competitive salary
• “Use What You Need” time away from work policy
• Medical, dental, vision, STD, LTD, and life insurance
• Health care and dependent care FSA
• 401(k) plan with employer match
• Employer paid commuter benefit
• On-site gym, showers, yoga, and wellness classes
• Catered lunch and dinner 4 days per week
• Skilled, passionate, and fun co-workers
• Pet friendly environment - pet insurance and dog friendly office

Questions about Crunchyroll's hiring process? Please check out our FAQ

About Crunchyroll

Crunchyroll, a WarnerMedia company (as a subsidiary of Otter Media) and the world’s most popular anime brand, connects anime and manga fans across 200+ countries and territories with 360-degree experiences. 

Fans have access to the largest collection of licensed anime through Crunchyroll, Anime Digital Network (in partnership with Citel, a subsidiary of Média-Participations), and Anime on Demand video streaming services, translated in multiple languages for viewers worldwide. Viewers can also access simulcasts — top series available immediately after Japanese broadcast. Crunchyroll's services also extend to licensing of theatrical, TV, home video, and consumer product rights. 

Fans engage further with events (including owned events Crunchyroll Expo, Anime Awards, Crunchyroll Movie Nights, KAZÉ Movie Nights), consumer products through eCommerce and retail partners (Crunchyroll, KAZÉ, AV Visionen), Crunchyroll Games, KAZÉ Games, and manga (KAZÉ Manga, Crunchyroll Manga app, Crunchyroll Manga Store).

Crunchyroll was founded in 2006 and is headquartered in San Francisco, with offices in Los Angeles, Tokyo, Paris, Lausanne, Berlin (AV Visionen) and Chisinau (Ellation). VRV (U.S.) and Eye See Movies (Germany) are also Crunchyroll brands.

We are an equal opportunity employer and value diversity at Crunchyroll. Pursuant to applicable law, we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.