Yelp is looking for an Information Security (InfoSec) Engineer to keep us safe and sane as our team expands to numerous offices around the world.
It's an opportunity to have impact and broad scope protecting Yelp's corporate infrastructure, employees, and systems across multiple site locations.
As an InfoSec Engineer, you’ll work on improving our threat detection and response capabilities. Our awesome corporate security engineers bring a software engineering mindset to security, and build automated systems for DFIR that work at scale.
You’ll also partner with our corporate infrastructure and IT teams to help architect our future authentication, identity management, and network security systems.
What You Will Do :
Lead threat modeling, mitigation discovery, and manual / automated verification of mitigations
Build tools and infrastructure for automating incident response
Set policies and best security practices for IT, Infrastructure, and other internal organizations and third party integrations
Create, validate, and audit access control policies for Yelp systems
Lead security education across the organization
Participate in incident response and forensics collection and analysis
Coordinate resolution of security issues with other Engineering and IT teams
Develop monitoring and alerting capabilities for Yelp internal security systems
Collaborate with teams inside of Yelp to deploy new security-related tools and processes across the organization
What We Are Looking For :
At least 2 years of professional experience working to secure consumer websites, mobile applications, or large corporate IT infrastructure is required
Participation in 24 / 7 incident response is required
Exposure to digital forensics and incident response
Corporate network penetration testing experience
Passion for educating others about security best practices
BS or MS in Computer Science, Engineering, or a related technical discipline, or equivalent experience
Experience with PCI, SOX, and avoiding draconian compliance regimes
Experience conducting third party assessments of software vendors and SaaS apps
Threat hunting experience in large corporate infrastructure environment
Windows, MacOS, or Linux administration experience
Security certifications, such as CISSP
What We Offer :
Full responsibility for projects from day one, an awesome team, and a dynamic work environment
Competitive salary with equity in the company, a pension scheme, and an optional employee stock purchase program
25 days paid holiday initially, rising to 29 with service
Private health insurance, including dental and vision
Flexible working hours and meeting-free Thursdays
Regular 2-day Hackathons and weekly learning groups, always with interesting topics
Opportunities to participate in events and conferences throughout Europe and the US
Public transportation season ticket loan and £50 per month toward any exercise of your choice
Monthly personal development allowance
Central location, a fully stocked kitchen, adjustable sitting / standing desks, quarterly offsites, locally roasted coffee, happy hours, and more!