Senior Security Engineer

Our mission at Duolingo is to develop the best education in the world and make it universally available. But we’ve got more left to do — and that's where you come in!

Duolingo is the most popular language-learning application in the world, with over 500 million users and over half a billion exercises completed daily. Beyond our core learning product, we have also entered into literacy with Duolingo ABC, English proficiency testing with the Duolingo English Test, and even Math.

We are passionate about educating our users, making fact-based decisions, and finding innovative solutions to complex problems. We offer meaningful work, limitless learning opportunities, and collaboration with world-class minds. Come brighten your life and over half a billion more!

As a security engineer, you will use and develop cutting-edge tools to maintain confidentiality, data integrity, and availability across all Duolingo services and platforms. Our strategy strives to continuously improve Duolingo’s infrastructure security and maintain compliance through automation and monitoring.

You Will...

• Develop scalable monitoring systems for the detection of security anomalies
• Streamline operational and development practices related to security
• Analyze the current security posture and plan for future threats
• Partner closely with our development teams to perform threat modeling, identify risks, and provide guidance to mitigate them
• Harden networks against attacks
• Work to improve the safety of our users from spam and abuse

You Have...

• Experience handling several technical projects with multiple partners
• Knowledge of Linux system administration and automation
• Programming experience with Python
• A desire to learn more about security and develop the foundational building blocks
• Strong collaboration, emotional intelligence, and communication skills

Requirements: 

• A Bachelor’s degree in Computer Science or related technical field
• Proven experience developing and maintaining microservices
• 2+ years working on collaborative development teams
• Experience in product, application, or cloud security

Exceptional Candidates Will Have...

• Familiarity with containerization runtimes (Docker, rkt)
• Experience securing a large infrastructure on AWS
• Experience working on trust and safety or spam and abuse teams
• Threat modeling experience across various architectures
• Demonstrable experience in designing and managing multi-account cloud environments
• Experience communicating sophisticated technical requirements to audiences of variable technical sophistication

We will do everything we can within reason to make sure that your interview takes place in an environment that fairly and accurately assesses your skills. If you need assistance or accommodation, please contact your recruiter.

Because Duolingo intends to require all employees to return to work from an office, all employees will need to be fully vaccinated against COVID-19 and have received any booster doses as recommended by the Centers for Disease Control and Prevention to remain employed unless they have an exemption to vaccination pursuant to a required reasonable accommodation. This is so that our employees feel safe in the office.

Take a peek at how we care for our employees' holistic well-being with our benefits here.