infosec-jobs.com
Senior Security Software Engineer, Application Security Engineering
Los Gatos, California
Netflix
Watch Netflix movies & TV shows online or stream right to your smart TV, game console, PC, Mac, mobile, tablet and more.
At Netflix we do one thing - entertainment - and we aim to do it really well. To accomplish this goal, we must produce, distribute, and stream content at massive scale. Many customers think about Netflix as a single piece of streaming software, but in reality we require thousands of services working in tandem to get content from the mind of our creative partners to the devices where members enjoy that content.
We aim to build software that is secure by default so that software engineers do not need to become security experts to protect their systems. Application Security Engineering’s approach is to guide developers towards simple, self-service solutions that meaningfully reduce security risk for software they create. Our team’s systems serve thousands of applications and developers, so we focus on automated and scalable approaches that eliminate bug classes and make default configurations secure.
This year, we are focused on significantly scaling up our approach to automated vulnerability management. For this role, we are looking for somebody to help build out our approach to effectively address vulnerabilities in rapidly growing parts of our business.
Netflix’s culture is different from other companies and this influences our approach to security:• We avoid rules. The Netflix Security team does not typically issue mandates or block releases.• We encourage independent decision-making by employees. Service developers own every aspect of their application, including security. It is the security team’s job to advise them.
We aim to build software that is secure by default so that software engineers do not need to become security experts to protect their systems. Application Security Engineering’s approach is to guide developers towards simple, self-service solutions that meaningfully reduce security risk for software they create. Our team’s systems serve thousands of applications and developers, so we focus on automated and scalable approaches that eliminate bug classes and make default configurations secure.
This year, we are focused on significantly scaling up our approach to automated vulnerability management. For this role, we are looking for somebody to help build out our approach to effectively address vulnerabilities in rapidly growing parts of our business.
Netflix’s culture is different from other companies and this influences our approach to security:• We avoid rules. The Netflix Security team does not typically issue mandates or block releases.• We encourage independent decision-making by employees. Service developers own every aspect of their application, including security. It is the security team’s job to advise them.
About you
- Strong software engineer comfortable in Python
- Prior large-scale vulnerability management experience preferred
- Energized by a diverse and constantly evolving environment
- Enjoys opportunities to learn new skills
- Effective communicator
- Comfortable coordinating complex projects
For more information about Application Security at Netflix see these resources:
- Astha Singhal’s Netflix Tech Blog post about how we scale application security at Netflix.
- Bryan Payne’s blog post about how we practice security effectively in a culture that aims to avoid security gates and unnecessary processes.
- Aladdin Almubayed’s 2019 BlackHat talk about how we approach third-party vulnerability management.
- The Netflix Security YouTube Channel contains videos from talks Netflixers have given about various security topics.
Tags: Application security Python Vulnerabilities Vulnerability management
Region:
North America
Country:
United States
Job stats:
27
7
0
Categories:
AppSec Jobs
Security Engineering Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs