Airbnb is a mission-driven company dedicated to helping create a world where anyone can belong anywhere. It takes a unified team committed to our core values to achieve this goal. Airbnb's various functions embody the company's innovative spirit and our fast-moving team is committed to leading as a 21st century company.

Airbnb is built on trust. The Information Security team plays a critical role in maintaining and building our community’s trust in our platform that enables millions of users to explore the world and belong anywhere. 

We are looking for people who want to make the Airbnb platform and customer data safer for millions of users around the world. We’d love to talk to you if you’re a talented individual who is passionate about finding security weaknesses and crafting scalable and usable solutions. We are enablers who make it easier for engineers to create secure features, not blockers.

 

If the mission sounds exciting to you, we have a few different flavors of projects/skill sets that we are looking for. 

 

Specifically, current areas for Software Engineering in Information Security include the following:

  • Identity and Access Management: Build the platform to ensure that Airbnb employees and services have appropriate access to Airbnb resources. 
  • Data Security and Privacy: Build technical solutions to protect Airbnb customer user data within Airbnb infrastructure and meet privacy compliance requirements.
  • Production Security: Build technical solutions to protect Airbnb’s production infrastructure ecosystem. 

 

What are examples of work that Software Engineers in the Information Security team have done at Airbnb?

  • Author and maintain core encryption services, libraries, and frameworks to protect user data at scale.
  • Author and maintain sensitive data identification services, libraries, and frameworks to identify personal data to meet privacy compliance requirements (e.g. GDPR, CCPA, etc).
  • Understand requirements from legal and compliance teams, and then author and build large scale services to enable Airbnb privacy compliance. 
  • Working closely with Data Platform and Infrastructure teams to automatically identify data security risk.
  • Author and maintain an internal certificate management service.

 

Common examples of enrichment activities of Software Engineers in Information Security: 

  • Help design and review security-sensitive aspects of systems.
  • Train new engineers and evangelize good security habits; ensure best practices (in technology or education/outreach).
  • Attend security conferences.
  • Contribute to open source.
  • Publish security research.

The following are some examples of profiles that are relevant to us. If a subset of these things apply to you, please consider applying. We are looking to build a team of both specialists in security and generalists in software engineering.

  • 8+ years of software development or job related work experience.
  • Solid defensive security experience, shipping projects that mitigate application or infrastructure risks at scale.
  • Experience finding ways to enable other engineers to develop secure products by default without requiring security expertise.
  • Significant experience in at least one of the following programming languages: Ruby, Java, Python, JavaScript, Go, or C/C++.
  • Significant experience in building robust internal products/tools or production backend services at scale. 
  • Significant experience in any of the following: Generalist Backend, Full Stack Engineer, SRE, or Security Engineer experience. 
  • Working knowledge of cloud computing (AWS) operations.
  • Interest in building and breaking.