Senior Security Engineer

Airbnb is a mission-driven company dedicated to helping create a world where anyone can belong anywhere. It takes a unified team committed to our core values to achieve this goal. Airbnb's various functions embody the company's innovative spirit and our fast-moving team is committed to leading as a 21st century company.

What is Security Engineering at Airbnb?

Airbnb is built on trust. Our security team works hard to improve the security of our platform that enables millions of users to explore the world. We build the invisible infrastructure to ensure our engineering org can deliver secure and high-quality at speed.

We are looking for people who want to make the Airbnb platform safer for millions of users around the world. We’d love to talk to you if you’re a talented individual who is passionate about crafting scalable and usable solutions. We are enablers who make it easier for engineers to create secure features. We build guardrails to alert developers of their security mistakes, as well as secure-by-default tools and infrastructure to bake security into the software development process.

What are some examples of application security work at Airbnb?

• Hardening frameworks and libraries to ensure that they are secure by default.
• Identifying unaddressed areas of security risk and driving cleverly engineered, scalable solutions that improve our defense-in-depth.
• Educating engineers on secure practices through documentation, targeted training, and peer relationships.
• Partnering with core business units to comprehensively rethink security models from data storage engine to customer roles.
• Creating and supporting safe break-the-glass processes. 
• Providing engineers security input via code and design reviews.

The following experience is relevant to us:

• Significant experience on an internal security team, or building security products.
• Strong understanding of web or mobile application security.
• Experience as a developer, ideally with Java and Python, but Ruby, Go, and Kotlin are a big plus.
• Familiarity with AWS and Kubernetes
• Ability to rapidly analyze and test microservices.
• Strong technical communication skills, including doc writing, presentation ability, and crisis communication.
• 3+ years experience in security engineering, or a related discipline.