Staff Software Engineer, Security

Summary

Join Airbnb's data security team as a Staff Software Engineer to lead efforts in identifying, securing, and preventing data leakage. Design and implement robust data protection controls, collaborating with cross-functional teams to ensure security best practices and privacy compliance. Develop and implement systems to identify and protect sensitive data, build a data protection platform for automatic data classification and protection, and contribute to auto-detection of sensitive data using machine learning. Design and enforce controls to prevent data leakage, implement robust access controls and encryption, and collaborate with data infrastructure teams. Build platforms to manage third-party vendors and protect user data, build and maintain scalable data infrastructure leveraging AWS, and integrate AI/ML into security practices. Troubleshoot data security and infrastructure issues. This is a US-remote eligible position.

Requirements

• 9+ years of software development or job related work experience
• Prior experience in data loss prevention or related security fields
• Knowledge of data classification, encryption, and compliance frameworks
• Significant experience in at least one of the following programming languages: Java, Kotlin, Python
• Significant experience in any of the following: Generalist Backend, Data Engineering, or Security Engineer experience

Responsibilities

• Develop and implement systems to identify and protect sensitive and personal data
• Data Protection Platform (DPP): Build the end to end platform to automatically classify the Airbnb data and protect the data based on the classifications with various strategies such as uplevel and scale services for automatic detection for data classification
• Contribute to the auto detection of the secret and critical data using advanced machine learning models and Regex patterns for all types of data storages such as Relational and Non-relational databases, Cloud Storage, Code
• Design and enforce controls to prevent data leakage across various platforms. Automate security enforcement at scale, collaborate with data platform teams and product teams for data governance best practice, such as Notifications, Call to action, or Access Revocation
• Implement Robust access controls, encryption and data masking to protect sensitive data and enable responsible AI/ML
• Collaborate with Data Infrastructure to design and build complex back end architecture that are both performative and scalable to provide a deep understanding of the risk of all Airbnb data, such as data ownership, data access, and data lineage etc
• Build the platform to manage all the 3rd-party vendors integrated with the Airbnb platform and protect the Airbnb user data shared with vendors
• Build and maintain scalable data infrastructure, leveraging AWS cloud technologies. Find opportunities to expand DLP coverage on AWS-Corp, Azure, GCP and OCI
• Collaborate with security teams to ensure compliance with data protection regulations
• Integrate AI/ML into security practices to bring greater contextual awareness and wherever possible. E.g. Leverage LLMs for advanced data discovery and classification, data security incident response etc
• Troubleshoot and resolve issues related to data security and infrastructure

Preferred Qualifications

• Working knowledge of cloud computing (AWS), GCP, or Azure is a plus
• Prior experience with Airflow is a plus
• AI/ML experience is a plus
• Experience finding ways to enable other engineers to develop secure products by default without requiring security expertise
• Significant experience in building robust internal products/tools or production backend services at scale is a plus
• Defensive security experience, shipping projects that mitigate application or infrastructure risks at scale is a plus

Benefits

• Bonus
• Equity
• Benefits
• Employee Travel Credits