Security Software Engineer

Summary

Join us on this journey to create a positive impact and make a significant change in the world. As a Security Software Engineer, you will own and improve the security of cloud Infrastructure and Quora services.

Requirements

• Ability to be available for meetings and impromptu communication during Quora's "coordination hours" (Mon-Fri: 9am-3pm Pacific Time)
• Bachelor's or Master's degree in Computer Science or Information Security
• 4+ years of experience in Infrastructure and Information Security
• 4+ years working on AWS running multiple production workloads
• Knowledge of AWS security best practices and security controls using AWS services such as IAM, Cloudtrail, CloudWatch, etc
• Attention to details and good communication and collaboration skills, be self-motivated and have a strong sense of ownership of tasks

Responsibilities

• Design, develop, and deploy applications to monitor cloud Infrastructure security and detect intrusions
• Deploy open-source tools or develop in-house solutions for OS hardening, access logging & analysis
• Build features or tools to ensure strong security in Quora product
• Provide security guidance to engineering teams and work with the product engineer on securing customer data in compliance with regulations such as GDPR and CCPA
• Drive the definition and implementation of security policies and monitor in conformance to the policies
• Conduct initial incident triage; determine scope, urgency, and potential impact of security incidents; lead and coordinate the incident response process

Preferred Qualifications

• Experience with applications for access logging, centralized logging, and monitoring/alerting of security log events such as ELK, Splunk, SumoLogic
• Experience with system administration, 2FA, SSO, and OS hardening techniques for Linux environments
• Experience in bash and Python, container technology such as docker and Kubernetes
• Working knowledge of incident response, threat modeling, and mitigation
• Strong understanding of common internet protocols such as HTTP, DNS, SMTP, etc

Benefits

• Medical/dental/vision coverage
• Equity refreshers
• Remote work reimbursement
• Paid time off
• Employee assistance programs