Senior Endpoint Security Engineer


Full Time Senior-level / Expert

Posted 2 weeks ago

Airbnb is a mission-driven company dedicated to helping create a world where anyone can belong anywhere. It takes a unified team committed to our core values to achieve this goal. Airbnb's various functions embody the company's innovative spirit and our fast-moving team is committed to leading as a 21st century company.

About the team

The Detection and Response Platform Team creates capabilities used to detect and respond to security threats at Airbnb. This is the team behind StreamAlert, a real-time data analysis framework we use to detect security threats, and BinaryAlert, a real-time malware detection engine.

What are we looking for?

We are looking for an experienced software engineer to join our team of full-stack and infrastructure engineers and expand the team in a new direction. This person will build, own, tune, deploy, and maintain technologies that centralize logs and provide detection and response capabilities for corporate and production endpoints.


  • Build, tune, and deploy tools and automation that proactively detect and respond to security risks and threats to corporate endpoints and cloud-based production systems.
  • Build, tune, and deploy systems that help mitigate security risks by understanding and controlling what software is allowed to execute on our client devices.
  • Collaborate with cross-functional partner teams such as IT, Site Reliability Engineering, Privacy, and Infrastructure for efficient, scalable detection and response capabilities.
  • Constantly evaluate new opportunities to improve our logging or generate better telemetry from our endpoints.

Valued Qualifications:

  • Significant experience building, managing, deploying, and tuning systems that provide endpoint security telemetry and capabilities.  We use a mix of open source, in-house, and commercial endpoint detection and response solutions.
  • Significant coding experience in a general purpose language.  We often use Python and Go.
  • Experience in operating system internals (Mac, Linux, Windows), including performance tuning, tracing, and debugging.
  • Experience with infrastructure automation/fleet management technologies.  We often use Terraform, Chef, and Puppet.
  • Experience with deploying and managing services in a containerized production AWS environment. We often use Lambda, Kinesis, Kubernetes, EC2 and Athena. 
  • Experience in security engineering, detection, incident response or reverse engineering malware is a plus.
  • Familiarity with logging and telemetry infrastructure is a plus.  We often use Syslog, Fluentd, and Logstash.
Job tags: Automation AWS Go Incident response Kubernetes Lambda Linux Malware Open Source Puppet Python Windows
Job region(s): Remote/Anywhere