Security Engineer

| Remote
Sorry, this job was removed at 4:36 a.m. (PST) on Thursday, June 24, 2021
Find out who’s hiring remotely
See all Remote jobs
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

"The front page of the internet,” Reddit brings over 430 million people together each month through their common interests, inviting them to share, vote, comment, and create across thousands of communities. Come for the cats, stay for the empathy.

The Reddit Security team is rapidly developing, and this is an opportunity to get in and have an outsized impact on a highly skilled and motivated team. We look for humble experts with a relentlessly resourceful and entrepreneurial, “can do” view of security. We want to deliver facts and not FUD to the business to enable Reddit to manage risk more effectively. Culture is important to us and a learning and developing mentality is vital regardless of the work assigned. 

If you work tirelessly to break into computer networks and just as tirelessly to ensure others cannot, we need you. The ideal candidate will work to modernize Reddit’s security controls and monitoring across our cloud environments, operating systems, and authentication and admin services.

Primary Job Responsibilities:

  • Build tools and processes for automating security controls and monitoring at scale
  • Assist the team in improving our incident response capabilities
  • Guide our infrastructure teams in implementing security best practices for cloud environments. 
  • Lead security initiatives across the organization and harden our infrastructure against attack
  • Represent Reddit’s security program outside of the company at security conferences

Qualifications:

  • 5+ years Unix and network administration experience
  • Experience securing large and diverse networks and services
  • Architecture and design experience for modern SIEMs, commercial or open source
  • Cloud security experience with Amazon AWS (Flow logs, CloudTrail, GuardDuty, VPCs, Security Groups, CloudWatch, Kinesis, Lambda, etc.). GCP experience a plus
  • Familiarity with common cloud security monitoring services such as Evident, ThreatStack, DivvyCloud, Cloud Custodian
  • 2+ years securing Kubernetes environments and familiarity with common commercial and open source Kubernetes security services
  • Ability to communicate effectively with business representatives in explaining security topics clearly and where necessary, in layman's terms
  • Understanding of modern network protocols including HTTPS and TLS
  • Understanding of authentication protocols and frameworks to include OAuth, OpenID, SSO/SAML
  • Familiarity with dynamic and static analysis tools
  • Ability to code in Python and shell scripts. Experience with Go, Rust, Scala, Lua, C, and/or C++ a plus
  • Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
  • Experience with common security compliance initiatives such as SOC2, CSA, ISO27001

Qualities:

  • Humble expert with a sense of urgency
  • Skilled at taking complex topics and making them simple
  • Comfortable explaining and justifying difficult decisions to any audience


Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Location

1455 Market St., San Francisco, CA 94103

Similar Jobs

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about RedditFind similar jobs