Information Security Engineer
London, UK
6d ago

Yelp is looking for an Information Security (InfoSec) Engineer to keep us safe and sane as our team expands to numerous offices around the world.

It's an opportunity to have impact and broad scope protecting Yelp's corporate infrastructure, employees, and systems across multiple site locations.

As an InfoSec Engineer, you’ll work on improving our threat detection and response capabilities. Our awesome corporate security engineers bring a software engineering mindset to security, and build automated systems for DFIR that work at scale.

You’ll also partner with our corporate infrastructure and IT teams to help architect our future authentication, identity management, and network security systems.

What You Will Do :

  • Lead threat modeling, mitigation discovery, and manual / automated verification of mitigations
  • Build tools and infrastructure for automating incident response
  • Set policies and best security practices for IT, Infrastructure, and other internal organizations and third party integrations
  • Create, validate, and audit access control policies for Yelp systems
  • Lead security education across the organization
  • Participate in incident response and forensics collection and analysis
  • Coordinate resolution of security issues with other Engineering and IT teams
  • Develop monitoring and alerting capabilities for Yelp internal security systems
  • Collaborate with teams inside of Yelp to deploy new security-related tools and processes across the organization
  • What We Are Looking For :

  • At least 2 years of professional experience working to secure consumer websites, mobile applications, or large corporate IT infrastructure is required
  • Software development experience in Python, Java, JavaScript, Objective-C, or similar
  • Participation in 24 / 7 incident response is required
  • Exposure to digital forensics and incident response
  • Corporate network penetration testing experience
  • Passion for educating others about security best practices
  • BS or MS in Computer Science, Engineering, or a related technical discipline, or equivalent experience
  • Pluses :

  • Experience with PCI, SOX, and avoiding draconian compliance regimes
  • Experience conducting third party assessments of software vendors and SaaS apps
  • Threat hunting experience in large corporate infrastructure environment
  • Windows, MacOS, or Linux administration experience
  • Security certifications, such as CISSP
  • What We Offer :

  • Full responsibility for projects from day one, an awesome team, and a dynamic work environment
  • Competitive salary with equity in the company, a pension scheme, and an optional employee stock purchase program
  • 25 days paid holiday initially, rising to 29 with service
  • Private health insurance, including dental and vision
  • Flexible working hours and meeting-free Thursdays
  • Regular 2-day Hackathons and weekly learning groups, always with interesting topics
  • Opportunities to participate in events and conferences throughout Europe and the US
  • Public transportation season ticket loan and £50 per month toward any exercise of your choice
  • Monthly personal development allowance
  • Central location, a fully stocked kitchen, adjustable sitting / standing desks, quarterly offsites, locally roasted coffee, happy hours, and more!
  • Step 2
    Add to favorites
    Remove from favorites
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form