Software Engineer, Infrastructure Security (Senior/Principal)
Code.org
·
Posted:
July 19, 2023
·
Remote
About the position
As a Software Engineer, Infrastructure Security (Principal) at Code.org, you will be responsible for implementing security improvements for services used by millions of students and teachers in K-12 classrooms worldwide. Your role will involve architecting and implementing cloud infrastructure solutions to ensure the security of student data and the resilience of production systems. Additionally, you will collaborate with other engineering teams to design and implement security-related components and services, provide expert advice on risk assessment and vulnerability fixes, and promote secure development practices across the organization. This position offers the opportunity to work on exciting technical challenges and contribute to an inclusive and collaborative team culture.
Responsibilities
- Architect and implement cloud infrastructure solutions ensuring the security of student data and the resiliency of production systems
- Work across the engineering organization to help teams own, design, and implement security related components and services
- Provide expert advice to internal staff, consulting on risk assessment and vulnerability fixes
- Promote security across the engineering organization, mentoring and educating other engineers on secure development practices
- Triage reports from, and interact with, a community of independent security researchers contributing to our product
- Own projects and build features end to end, working on exciting technical challenges using some of the latest technologies
- Ship software regularly while maintaining excellent live site availability
- Contribute to an inclusive, growth-focused, and collaborative team culture
- Experience with web technologies; our stack is a mix of JavaScript, React, Ruby on Rails, SQL Databases, AWS and various 3rd party tools
- Experience in some of the following areas: application security, cloud platform security, authentication, web and network protocols, risk assessment, threat modeling, pen tests, and vulnerability assessments
- Experience working independently on software projects, including the ability to break down project work into smaller features and communicate status updates optimally
- Experience supporting a production high-scale web-based software product or service
- Be willing to travel a minimum of two times per year for team events
Requirements
- Passion for growing access to computer science education
- Experience with web technologies, including JavaScript, React, Ruby on Rails, SQL Databases, AWS, and various 3rd party tools
- Experience in application security, cloud platform security, authentication, web and network protocols, risk assessment, threat modeling, pen tests, and vulnerability assessments
- Experience working independently on software projects and breaking down project work into smaller features
- Experience supporting a production high-scale web-based software product or service
- U.S. Citizen or Permanent Resident
- Willingness to travel a minimum of two times per year for team events
Benefits
- Technology subsidy consistent with our Bring Your Own Device environment
- Flexible, engaging, and remote working environment
- Paid time off: 3 weeks vacation annually, sick leave, and 'winter break' office closure the two weeks that include Christmas and New Years
- Medical, dental and vision premiums paid at 100% for FT positions and their dependents
- Option to participate in 403b retirement plan
- Annual professional development stipend
- The opportunity to help students learn better and change the face of computer science
- Fully vaccinated against COVID-19 requirement
- Equal opportunity employer and value diversity
- Reasonable accommodation for individuals with disabilities