Senior Staff Application Engineer, Security
Airbnb was born in 2007 when two Hosts welcomed three guests to their San Francisco home, and has since grown to over 4 million Hosts who have welcomed more than 1 billion guest arrivals in almost every country across the globe. Every day, Hosts offer unique stays and experiences that make it possible for guests to connect with communities in a more authentic way.
The Community You Will Join:
We are looking for an experienced Application Security Lead. This role will report to the Director of Information Security Technology and will be working closely with the Application Security Team.
This team builds tools to help identify and prevent vulnerabilities in Airbnb code. The team also hunts down vulnerabilities that are currently present using a combination of penetration testing and design review. Security Engineering is the primary contact for analyzing the security of a given application.
The Difference You Will Make:
In this role, you will help refine the direction of the application security team, mentor/train the current team, and help with board and executive level reporting. You will also work with Software Engineers to lead large-scale, cross-functional projects throughout the organization, as well as help with application level detection and incident response efforts.
A Typical Day:
- Develop tooling and frameworks to secure our products throughout the entire SDLC (static analysis, CSRF/XSS prevention libraries, CSP, code hardening efforts, etc)
- Security reviews and threat modeling across the entire company (new products, acquisitions, vendor integrations, etc)
- Security architecture, design, and code reviews across engineering
- Establish security goals across other departments
- Penetration tests conducted by internal engineers and third-party security firms
- Responsible for disclosure program via HackerOne
- Providing security training and promoting a culture of security across the engineering and product team
- 12+ years of industry experience
- Relevant engineering work experience and hands-on technical experience
- Actively coached and mentored team members in their careers
- Been actively involved in setting product strategy
- Independently led technical team(s)
- Coding ability and experience with architectural patterns of large, high-scale applications
- Consistently made culture choices that positively impact all of engineering
- Shipped several large scale projects with multiple dependencies across teams
Nice to have:
- Experience with AWS (Lambda, Kinesis, S3, SNS, SQS, EC2, ...)
- Experience in Software development (Ruby, Java, Python, Golang)
- Familiar with version control (Git)
- Telemetry aggregation, query, and correlation (Athena, Elasticsearch, Kibana)
- Familiar with logging infrastructure (Syslog, Fluentd, Logstash)
- A desire to dive into Big Data, Data Science, Analytics, Machine Learning
How We'll Take Care of You:
The starting base pay for this role is between $220,000 and $290,000. The actual base pay is dependent upon many factors, such as: education, experience, and skills. The base pay range is subject to change and may be modified in the future. This role may also be eligible for bonus, equity, benefits, and Employee Travel Credits.
This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed to with your manager. While the position is Remote Eligible, you must live in a state where Airbnb, Inc. has a registered entity. Click here for the up-to-date list of excluded states. . This list is continuously evolving, so please check back with us if the state you live in is on the exclusion list. If your position is employed by another Airbnb entity, your recruiter will inform you what states you are eligible to work from.
Our Commitment To Inclusion & Belonging:
Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply.
We strive to also provide a disability inclusive application and interview process. If you are a candidate with a disability and require reasonable accommodation in order to submit an application,, please contact us at: email@example.com. Please include your full name, the role you’re applying for and the accommodation necessary to assist you with the recruiting process.
We ask that you only reach out to us if you are a candidate whose disability prevents you from being able to complete our online application.