Sr Security Software Engineer, Application Security

Netflix, Inc. Los Gatos , CA 95033

Posted 10 months ago

Netflix has a unique and innovative culture that guides us to do things differently. This helps keep engineering velocity high, but also means that our security team needs to operate differently than a traditional security team.

The two important aspects of the culture that affect how the security team operates are "Freedom and Responsibility" and "Context not Control". Employees have tremendous freedom in their work, along with the corresponding responsibility to do the right thing for Netflix. Instead of controlling engineers with process and security gates, we enable them to create secure code and provide them with adequate security context to make the right decisions for Netflix.

The Application Security team helps secure applications that run the Netflix business and the streaming product. Our customers are primarily Netflix engineering teams that produce software deployed within our cloud infrastructure.

We aren't your typical Appsec team. In addition to driving high impact security initiatives for high risk product areas, we spend a lot of time automating application insight and vulnerability identification across our AWS ecosystem. We aim to scale application security via actionable self-service and automated visibility.

Desired background:

  • You are passionate about using automation to scale application security.

  • Your primary background is in software engineering with some experience in application security.

  • You have experience with Python or Ruby software development and are an effective collaborator and communicator.

In this role, you will leverage your technical expertise to identify and deliver high impact security solutions at Netflix scale. You will leverage your security skills to support the Netflix bug bounty program, participate in our product security incident response efforts and other operational appsec responsibilities.

We understand that candidates may come from all different education levels and backgrounds. We encourage this! If you enjoy working on the kinds of problems outlined above, then we should talk.

Finally, here's a few more reasons why we love this work and think that you will too:

  • You would be working with an industry leading security team with many opportunities to improve existing projects and identify new ones.

  • You are a big fan of open source software and sharing information. We share when it makes sense and are always researching new ideas from across the community.

  • You enjoy learning and working closely with subject matter experts in diverse areas such as microservices architecture, big data, content delivery networks, and a production studio.

We are an equal opportunity employer and value diversity of thought, culture, background, and perspective at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Security Software Engineer Application Security

Netflix, Inc.

Posted 3 weeks ago

VIEW JOBS 1/29/2020 12:00:00 AM 2020-04-28T00:00 At Netflix we do one thing - entertainment - and we aim to do it really well. To accomplish this goal we must produce, distribute, and stream content at massive scale. Many customers think about Netflix as a single piece of streaming software, but in reality we require thousands of services working in tandem to get content from the mind of our creative partners to the devices where members enjoy that content. At Netflix, we aim to build software that is secure by default so that software engineers do not need to become security experts to protect their systems. Application Security (AppSec) Engineering's job is to guide developers towards simple, self-service solutions that meaningfully reduce security risk for software they create. We are tasked with enabling security for thousands of applications and developers, so we focus on automated and scalable approaches that eliminate bug classes and make default configurations secure. Netflix's culture is different from other companies and this influences our approach to security: * We avoid rules. The Netflix Security team does not typically issue mandates or block releases. * We encourage independent decision-making by employees. Service developers own every aspect of their application, including security. It is the security team's job to advise them. The AppSec Engineering team designs, builds, and operates the services that provide automated security context and suggestions to developers. We take a quantitative approach to assessing security risk, continually scan each application for risk factors and compensating controls, and present simple recommendations to developers. Netflix, Inc. Los Gatos CA

Sr Security Software Engineer, Application Security

Netflix, Inc.