Staff Application Engineer, Security

San Francisco, CA

Full Time Senior-level / Expert USD 190K - 245K

Airbnb

Dec 10, 2022 - Find the perfect place to stay at an amazing price in 191 countries. Belong anywhere with Airbnb.

View company page

Airbnb was born in 2007 when two Hosts welcomed three guests to their San Francisco home, and has since grown to over 4 million Hosts who have welcomed more than 1 billion guest arrivals in almost every country across the globe. Every day, Hosts offer unique stays and experiences that make it possible for guests to connect with communities in a more authentic way.

The Community You Will Join:

We are looking for an experienced Application Security Lead. This role will report to the Director of Information Security Technology and will be working closely with the Application Security Team. 

This team builds tools to help identify and prevent vulnerabilities in Airbnb code. The team also hunts down vulnerabilities that are currently present using a combination of penetration testing and design review. Security Engineering is the primary contact for analyzing the security of a given application.

The Difference You Will Make:

In this role, you will help refine the direction of the application security team, mentor/train the current team, and help with board and executive level reporting. You will also work with Software Engineers to lead large-scale, cross-functional projects throughout the organization, as well as help with application level detection and incident response efforts.

A Typical Day:

  • Develop tooling and frameworks to secure our products throughout the entire SDLC (static analysis, CSRF/XSS prevention libraries, CSP, code hardening efforts, etc)
  • Security reviews and threat modeling across the entire company (new products, acquisitions, vendor integrations, etc)
  • Security architecture, design, and code reviews across engineering
  • Establish security goals across other departments
  • Penetration tests conducted by internal engineers and third-party security firms
  • Responsible for disclosure program via HackerOne
  • Providing security training and promoting a culture of security across the engineering and product team

Your Expertise:

  • Relevant engineering work experience and hands-on technical experience
  • Actively coached and mentored team members in their careers
  • Been actively involved in setting product strategy
  • Independently led technical team(s)
  • Coding ability and experience with architectural patterns of large, high-scale applications
  • Consistently made culture choices that positively impact all of engineering
  • Shipped several large scale projects with multiple dependencies across teams

Nice to have:

    • Experience with AWS (Lambda, Kinesis, S3, SNS, SQS, EC2, ...)
    • Experience in Software development (Ruby, Java, Python, Golang)
    • Familiar with version control (Git)
    • Telemetry aggregation, query, and correlation (Athena, Elasticsearch, Kibana)
    • Familiar with logging infrastructure (Syslog, Fluentd, Logstash)
    • A desire to dive into Big Data, Data Science, Analytics, Machine Learning

How We'll Take Care of You:

The starting base pay for this role is between $190,000 and $245,000. The actual base pay is dependent upon many factors, such as: education, experience, and skills. The base pay range is subject to change and may be modified in the future. This role may also be eligible for bonus, equity, benefits, and Employee Travel Credits.

Your Location:

This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed to with your manager. Airbnb,Inc. can employ in  states where we have registered entities. Currently, employees can not be located in: Alaska, Indiana, Nebraska, North Dakota, Ohio, South Dakota, Wisconsin, Alabama, Mississippi, Oklahoma, Delaware and Rhode Island. This list is continuously  evolving and being updated, please check back with us if the state you live in is on the exclusion list. If your position is employed by another Airbnb entity, your recruiter will inform you what states you are eligible to work from. 

Our Commitment To Inclusion & Belonging:

Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply.

If you need assistance, or a reasonable accommodation during the application and recruiting process, please contact us at: reasonableaccommodations@airbnb.com.

Tags: Analytics Application security AWS Big Data CSRF EC2 Elasticsearch Golang Incident response Java Lambda Machine Learning Pentesting Python Ruby S3 SDLC SNS SQS Strategy Vulnerabilities XSS

Perks/benefits: Career development Salary bonus

Region: North America
Country: United States
Job stats:  4  0  0
  • Share this job via
  • or

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.