Staff Software Engineer - Product Security Engineering, Remote Opportunity
Remote - US / Canada
GitHub
GitHub is where over 100 million developers shape the future of software, together. Contribute to the open source community, manage your Git repositories, review code like a pro, track bugs and features, power your CI/CD and DevOps workflows,...The product security engineering team is looking for an experienced software engineer to join our Architecture team. You will help us strategically enable engineers at GitHub to design and build secure software and services both for GitHub and our customers. The Architecture team identifies the most important application and product security risks and leverages engineering-lead solutions to mitigate or eliminate those risks. Here are a few of the things you will do:
- Libraries and frameworks - Our team enjoys writing code and we doubly enjoy code that can be reused for security throughout GitHub. As such, we are always looking for opportunities to build or contribute to libraries or frameworks (internal and open-source) so solutions to common security challenges are easier or, ideally, default behavior.
- Code hardening - It makes our team sad when an API was used insecurely because it was confusing or hard to use. We are on the lookout for such code and APIs to work with teams or make an inner-source contribution to deprecate or modify them to be more "secure by default."
- Consulting - We collaborate with engineers throughout GitHub to design pragmatic solutions to security obstacles that strike the right balance between security, usability, and pragmatism.
- Architecture requirements/guidance - While our team enjoys collaborating with engineering, we also know that doesn't scale to answer every application security question that arises. Our team looks for broadly applicable architectural requirements we can standardize to enable teams to self-service their most common questions/security challenges.
Responsibilities:
- Identify the most important strategic product security focus areas for the team and GitHub itself
- Help lead security architecture discussions with other engineering teams throughout GitHub
- Stay current with emerging security standards and help to identify when and where they should be adopted at GitHub
- Identify foundational architectural gaps and propose requirements/approaches to enable engineers to build secure software/services at scale
- Help lead the team’s technical/architectural decision making
- Review code and lead group discussions about the projects we’re working on
- Develop systematic solutions to problems instead of focusing on one-off fixes
- Mentor other engineers
Minimum Qualifications:
- You have a BS (or higher, e.g., MS, or PhD) in Computer Science or a related technical field involving coding (e.g., physics or mathematics), or equivalent technical experience
- A passion for application security-related problems
- Designing/writing software experience
- Designing/architecting secure systems at scale
- Comfortable making recommendations with GitHub-wide impact
- Working knowledge of web application vulnerabilities and mitigations
- Known for being a great communicator and collaborator
- Excellent written and verbal communication skills
- Preferred Qualifications:
- Practical software development skills with Ruby on Rails or Go
- Working knowledge of applied cryptography
- Working knowledge of modern web security standards
- Experience using Git and GitHub
Who We Are:
GitHub is the developer company. We make it easier for developers to be developers: to work together, to solve challenging problems, and to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.
Leadership Principles:
Customer Obsessed - Trust by Default - Ship to Learn - Own the Outcome - Growth Mindset - Global Product, Global Team - Anything is Possible - Practice Kindness
Why You Should Join:
At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where many Hubbers work, snack, and create daily. The rest of our Hubbers work remotely around the globe. Check out an updated list of where we can hire here: https://github.com/about/careers/remote
We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.
GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!
Please note that benefits vary by country. If you have any questions, please don't hesitate to ask your Talent Partner.
#LI-POST
Tags: APIs Application security Computer Science Cryptography GitHub Mathematics PhD Physics Product security Ruby Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs