Security Engineer, Tooling and Automation
Who We Are
The Information Security (InfoSec) team is a blend of security engineers and security-focused software developers helping keep Twitter’s software, systems, and users secure. We consult with other teams on security-sensitive matter, develop security-related automation and tooling, and advocate to ensure security is prioritized across Twitter.
What You’ll Do
As a Security Engineer, you'll join a team of talented individuals working to reduce securityrisk across the company. We are currently seeking individuals interested in helping us build and maintain a variety of tooling and automation systems that Twitter uses to maintain and improve our security posture. You’ll be responsible for helping to identify securityrisks, suggesting ways those risk could be mitigated, and then building software to help reduce and track these risks. In addition, all of our team members help to provide subject matter expertise to other teams when they have questions related to the security of the systems they build.
Who You Are
You have both security expertise and development experience. They will be familiar with building and maintaining software systems in languages such as python or go. They should have at least a basic familiarity with security as well as a willingness to learn and grow in the role. In addition, having some experience with Linux systems administration work is a plus. You should be willing to advocate for the security of Twitter users and communicate why security decisions are important to other developers and teams.
You will meet most (but need not meet all) of the following points:
- Undergraduate degree or equivalent (CS, engineering, literature, social sciences, arts, etc are all fine)
- 2 or more years of relevant experience (other jobs, grad school, etc)
- Knowledge of at least two of the following topics: vulnerability management, lifecycle management, cryptography, web application security, identity and access management, networksecurity, secure development practices, programming languages and compilers, usability research, or operating systems.
- Software development experience with either Python or Go.
- Systems administration experience in Linux. Windows or OSX administration experience is a plus.
- Experience with configuration management tools such as puppet, ansible, or chef.
- Experience with cloud deployment environments such as GCP or AWS.
- Experience communicating security concerns and issues to non-technical audiences.