Staff Security Engineer
Posted 9 months ago
The front page of the internet,” Reddit brings over 430 million people together each month through their common interests, inviting them to share, vote, comment, and create across thousands of communities. Come for the cats, stay for the empathy.
The Reddit Security team is rapidly developing, and this is an opportunity to get in and have an outsized impact on a highly skilled and motivated team. We look for humble experts with a relentlessly resourceful and entrepreneurial, “can do” view of security. We want to deliver facts and not FUD to the business to enable Reddit to manage risk more effectively. Culture is important to us and a learning and developing mentality is vital regardless of the work assigned.
If you work tirelessly to break into computer networks and just as tirelessly to ensure others cannot, we need you. The ideal candidate will work to modernize Reddit’s security controls and monitoring across our cloud environments, operating systems, and authentication and admin services.
Primary Job Responsibilities:
- Build tools and processes for automating security controls and monitoring at scale
- Assist the team in improving our incident response capabilities
- Guide our infrastructure teams in implementing security best practices for cloud environments.
- Lead security initiatives across the organization and harden our infrastructure against attack
- Represent Reddit’s security program outside of the company at security conferences
- 5+ years Unix and network administration experience
- Experience securing large and diverse networks and services
- Architecture and design experience for modern SIEMs, commercial or open source
- Cloud security experience with Amazon AWS (Flow logs, CloudTrail, GuardDuty, VPCs, Security Groups, CloudWatch, Kinesis, Lambda, etc.). GCP experience a plus
- Familiarity with common cloud security monitoring services such as Evident, ThreatStack, DivvyCloud, Cloud Custodian
- 2+ years securing Kubernetes environments and familiarity with common commercial and open source Kubernetes security services
- Ability to communicate effectively with business representatives in explaining security topics clearly and where necessary, in layman's terms
- Understanding of modern network protocols including HTTPS and TLS
- Understanding of authentication protocols and frameworks to include OAuth, OpenID, SSO/SAML
- Familiarity with dynamic and static analysis tools
- Ability to code in Python and shell scripts. Experience with Go, Rust, Scala, Lua, C, and/or C++ a plus
- Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
- Experience with common security compliance initiatives such as SOC2, CSA, ISO27001
- Humble expert with a sense of urgency
- Skilled at taking complex topics and making them simple
- Comfortable explaining and justifying difficult decisions to any audience