Airbnb is hiring a
Senior Security Engineer

Summary

Join Airbnb's Enterprise Security team as a hands-on Security Engineer to build, defend, and enable seamless user experiences. The role involves deploying cloud security solutions, building secure access controls, utilizing infrastructure management tooling, and more.

Requirements

• B.S. or M.S. in Computer Science or related field, or equivalent experience
• Knowledge of the threat landscape, common attacks and mitigation methods
• Ability to develop tools using an interpreted programming language (Golang, Python, Ruby, etc.)
• Familiarity with DevOps toolchain (e.g. Puppet / Chef / Ansible, Terraform, Jenkins)
• A firm grasp of or meaningful experience in the following areas: Operating systems internals and hardening (macOS, Linux, or Windows). Networking protocols and operations Cloud infrastructure and services platforms (AWS and GCP strongly preferred) Authentication, authorization and directory services. Vulnerability management and remediation

Responsibilities

• Deploy cloud security solutions and controls in a multi-cloud (e.g. GCP, Azure, AWS) and on-premise infrastructure
• Build secure access controls using modern-era tools and techniques (e.g. WebAuthn, SSH over HTTP, Ephemeral access)
• Utilize infrastructure management tooling (Puppet / Chef, Ansible,Terraform) to enable consistent hardening configs and code-driven security configurations in a multi-cloud, on-prem environment (e.g. GCP, Azure, AWS)
• Deploy Data Loss Prevention (DLP) solutions focusing on PII and PCI related data that may be in SaaS applications (e.g. GSuite, SalesForce, Box) and consider additional DLP strategies
• Deploy vulnerability management tools across CI/CD, compute, and container infrastructure to detect vulnerabilities and security misconfigurations
• Enable deployment of Chrome OS at scale for customer support agents to significantly reduce attack surface and improve endpoint management
• Orchestrate security posture checks on all new infrastructure deployments
• Implement endpoint state attestation tooling
• Scale proactive security controls to new environments (e.g. acquisitions)

Benefits

• Bonus
• Equity
• Benefits
• Employee Travel Credits