Quora is hiring a
Security Software Engineer

Summary

The job is for a Security Software Engineer at Quora, a remote-first company with products including Quora and Poe. The role involves improving the security of cloud infrastructure and Quora services, designing applications to monitor security, providing security guidance, and conducting incident triage among other responsibilities.

Requirements

• Ability to be available for meetings and impromptu communication during Quora's coordination hours (Mon-Fri: 9am-3pm Pacific Time)
• Bachelor's or Master's degree in Computer Science or Information Security
• 4+ years of experience in Infrastructure and Information Security
• 4+ years working on AWS running multiple production workloads
• Knowledge of AWS security best practices and security controls using AWS services such as IAM, Cloudtrail, CloudWatch, etc

Responsibilities

• Design, develop, and deploy applications to monitor cloud Infrastructure security and detect intrusions
• Deploy open-source tools or develop in-house solutions for OS hardening, access logging & analysis
• Build features or tools to ensure strong security in Quora product
• Provide security guidance to engineering teams and work with the product engineer on securing customer data in compliance with regulations such as GDPR and CCPA
• Drive the definition and implementation of security policies and monitor in conformance to the policies
• Conduct initial incident triage; determine scope, urgency, and potential impact of security incidents; lead and coordinate the incident response process

Preferred Qualifications

• Experience with applications for access logging, centralized logging, and monitoring/alerting of security log events such as ELK, Splunk, SumoLogic
• Experience with system administration, 2FA, SSO, and OS hardening techniques for Linux environments
• Experience in bash and Python, container technology such as docker and Kubernetes
• Working knowledge of incident response, threat modeling, and mitigation
• Strong understanding of common internet protocols such as HTTP, DNS, SMTP, etc

Benefits

• Medical/dental/vision coverage
• Equity refreshers
• Remote work reimbursement
• Paid time off
• Employee assistance programs