Senior Security Engineer, Application Security

Discord is about giving people the power to create space to find belonging in their lives. Trusted by millions of people to keep their communications secure, private, and out of the hands of evildoers, security and privacy are necessary to Discord's success.

We're looking for a Security Engineer to join us in protecting Discord's users. If you are an engineer with a passion for security and privacy, a deep sense of curiosity, and an endless desire to improve Discord for our users, read on!

What you’ll do:

• Develop technical solutions to find and address security issues (including libraries and frameworks).
• Build tools with an emphasis on self-service, automation, and performance, to help identify and mitigate application security flaws.
• Perform reviews ranging from architectural design to threat modeling and source code level assessments, providing recommendations to make our products more secure.
• Review development frameworks for security functionality, consistency, and uplift opportunities.
• Conduct application security assessments across all Discord services both user-facing and internal.
• Discover weaknesses in Discord by using both manual and automated methods (code reviews, threat models, static scans, penetration tests).

What you have:

• You have 5+ years experience securing production applications.
• You have 3+ years of experience with application security tooling and processes, including code review, static code analysis, penetration testing, and risk management.
• You have experience implementing and using static and dynamic security tools.
• You have 3+ years of experience programming in at least one general purpose programming language (e.g. Python, Rust, Go).
• You have experience operating in cloud-based environments (we use Google Cloud, but experience with other platforms is ok too).
• You are comfortable reasoning about the security of complex systems, even if they contain components you aren't familiar with.
• You have experience leading security projects with a cross-functional group.

Bonus Points:

• Experience with Threat Modeling and analyzing complex designs.
• Experience programming in at least one systems programming language (e.g. C, C++).
• Familiarity with common application vulnerabilities on the platforms Discord ships on (that's all of them).
• Experience with Linux system administration (we use Ubuntu).
• Experience developing, operating, and debugging distributed systems

 

New York City only: Minimum salary of $186,000/year + equity and  benefits 

*Note: Disclosure as required by NYC Pay Transparency Law   Colorado only: Minimum salary of $148,800/year + equity and  benefits  *Note: Disclosure as required by sb19-085(8-5-20).

Benefits and Perks

• Comprehensive medical insurance including Health, Dental and Vision (plus up to $20,000 for gender affirmation procedures)
• Mental health resources and quarterly wellness stipends
• 16+ paid holidays, 4 weeks of PTO + use-what-you-need sick days 
• Paid parental leave (plus fertility, adoption and other family planning benefits)
• Flexible long-term work options (remote and hybrid)
• Volunteer time off
• A diverse slate of Employee Resource Groups 
• Plus commuter contributions and other perks for office-based employees

About Us

Discord is a voice, video and text app that helps friends and communities come together to hang out and explore their interests — from artists and activists, to study groups, sneakerheads, plant parents, and more. With 150 million monthly users across 19 million active communities, called servers, Discord has grown to become one of the most popular communications services in the world. Discord was built without selling ads or user data and instead, offers a premium subscription called Nitro that gives users special perks like higher quality streams and fun customizations.

We’re working toward an inclusive world where no one feels like an outsider, where genuine human connection is a click, text chat, or voice call away. A place where everyone can find belonging. Challenging? Heck yes. Rewarding? Double heck yes. It’s a mission that gives us the chance to positively impact millions of people all over the world. So if this strikes a chord with you, come build belonging with us!