Careers at Airbnb

Security Engineering Manager

Airbnb is built on trust. We are looking for people who want to make the Airbnb platform safer for millions of users around the world. We are enablers who make it easier for engineers to create secure features, prevent and remediate vulnerabilities. We’d love to talk to you if you’re a talented individual who is passionate about crafting scalable and usable security solutions. 

The role would be managing two teams:

  • The Security Engineering team has a focus on Application Security and builds tools to help identify and prevent vulnerabilities in Airbnb code. The team hunts down vulnerabilities that are currently present using a combination of penetration testing and design review. Security Engineering is the primary contact for analyzing the security of a given system.
  • The Vulnerability Management Team helps identify and understand vulnerabilities in Airbnb’s environment in order to make informed security risk decisions and proactively minimize our attack surface.

Role: 

  • Manage two teams of Security Engineers, PMs, and an Engineering Manager:
    • Security Engineering:
      • Develop tooling and frameworks to secure our products throughout the entire SDLC (static analysis, CSRF/XSS prevention libraries, CSP, code hardening efforts, etc)
      • Security reviews and threat modeling across the entire company (new products, acquisitions, vendor integrations, etc)
      • Security architecture, design, and code reviews across engineering
      • Establish security goals across other departments
      • Penetration tests conducted by internal engineers and third-party security firms
      • Responsible disclosure program via HackerOne
      • Providing security training and promoting a culture of security across the engineering and product team
    • Vulnerability Management:
      • Work on unifying security vulnerability management at Airbnb
      • Work with all departments to help them track and understand risk of vulnerabilities, as well as providing reporting and awareness on vulnerabilities past SLA
      • Work on methodologies to unify risk across all vulnerabilities, and have consistency in reporting/tracking
      • Analyse gaps that could be remediated at scale (scanning / coverage gaps, finding patterns when too many issues of a certain type occurs, etc.)
  • Requirements
    • Depth and breadth of knowledge in at least two of the areas below:
      • Security engineering, system security, SDLC, software engineering, authentication and security protocols, cryptography, vulnerability management, and application security.

We value Engineering Managers who have:

  • Relevant engineering work experience and hands-on technical management experience
  • Track record in partnering with recruiting to build incredible engineering teams
  • Actively coached and mentored team members in their careers
  • Been actively involved in setting product strategy
  • Independently started self-sustaining teams
  • Coding ability and experience with architectural patterns of large, high-scale applications
  • Consistently made culture choices that positively impact all of engineering
  • Shipped several large scale projects with multiple dependencies across teams

Benefits:

  • Stock
  • Competitive salaries
  • Quarterly employee travel coupon
  • Paid time off
  • Medical, dental, & vision insurance
  • Life insurance and disability benefits
  • Fitness discounts
  • 401K
  • Flexible Spending Accounts
  • Apple equipment
  • Commuter subsidies
  • Community involvement (4 hours per month to give back to the community)
  • Company sponsored tech talks and happy hours
  • Breakfast, lunch, and dinner
  • Much more…