Staff Security Engineer, Platform Security

Discord is used by over 200 million people every month for many different reasons, but there’s one thing that nearly everyone does on our platform: play video games. Over 90% of our users play games, spending a combined 1.5 billion hours playing thousands of unique titles on Discord each month. Discord plays a uniquely important role in the future of gaming. We are focused on making it easier and more fun for people to talk and hang out before, during, and after playing games.

Discord is about empowering people to find belonging. Trusted by millions to keep their communications out of the hands of evildoers, we depend on security and privacy for success. Our Platform Security Engineering team protects the people who create Discord and the systems they use to do it, making the “secure way” the “easy way.”

We are looking for a Staff Security Engineer, reporting to the Platform Security Engineering Manager, to advance this mission through security expertise, software development, and operational excellence. You’ll articulate and pursue the most leveraged opportunities to reduce security risk across Engineering, bridging organizational boundaries to create secure and lovable “paved paths” for managing identities and access, shipping code, configuring cloud infrastructure, and operating services.

If you are a security engineer with a passion for security and privacy, deep curiosity, eagerness to own technically and socially complex projects, and a strong desire to improve Discord, read on!

What you'll do

• Guide strategy and lead software engineering projects on a small, highly-autonomous, horizontally-integrated security team with a lot of leverage. This is a code-forward role!
• Consult on risk assessments, architectural designs, threat models, code reviews, and more—pragmatically balancing security with other business considerations.
• Develop and apply best-in-class secure baselines for cloud and bare-metal resources.
• Secure our software supply chain, from a developer’s laptop through version control and CI/CD and into production.
• Build and own IAM systems that are user-friendly and promote least privilege.
• Manage third-party vulnerabilities while supporting rapid growth for Product Engineering.
• Partner cross-functionally for security monitoring and incident response.

Example Projects

• Support IAM at Discord with scalable platform solutions; check out https://discord.com/blog/access-a-new-portal-for-managing-internal-authorization.
• Build automated tooling to scan our infrastructure for vulnerabilities.
• Bake service-to-service authentication and authorization into Discord’s next-generation developer platform.

Who you are

• You have 7+ years of experience building and operating production systems and infrastructure.
• You have 5+ years of experience writing software in at least one general-purpose programming language (we mainly use Python and Rust).
• You have 4+ years of experience securing systems with millions of users.
• You have been the tech lead for projects involving 3+ engineers and spanning multiple quarters.
• You have designed and built user-facing software for customers beyond your immediate team.
• You have experience securing cloud-based environments (e.g. GCP, Cloudflare).
• You have experience with technologies for defining and orchestrating containers (e.g. OCI, Docker, Distroless, Kubernetes).
• You understand modern authentication and authorization protocols and concepts (e.g. RBAC, OAuth 2.0, OIDC/SAML, Zero Trust network architectures, mTLS).
• You have experience with build and CI/CD technologies (e.g. Bazel, Buildkite, Terraform).

Bonus points

• You have a system to discover industry tools that can multiply your team’s impact.
• You have experience securing multi-cloud environments.
• You have developed and debugged distributed systems atop GCP and Cloudflare.
• You have built and operated a service mesh (e.g. Envoy, Istio, Linkerd).
• You have managed and secured VMs and bare-metal hosts (e.g. Linux, Salt).
• You have designed and applied Kubernetes security policies (e.g. OPA Gatekeeper, Kyverno).

#LI-Remote

The US base salary range for this full-time position is $223,000 to $245,500 + equity + benefits. Our salary ranges are determined by role and level. Within the range, individual pay is determined by additional factors, including job-related skills, experience, and relevant education or training. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include equity, or benefits.

Why Discord? 

Discord plays a uniquely important role in the future of gaming. We're a multiplatform, multigenerational and multiplayer platform that helps people deepen their friendships around games and shared interests. We believe games give us a way to have fun with our favorite people, whether listening to music together or grinding in competitive matches for diamond rank. Join us in our mission! Your future is just a click away!

Check out our inclusion, diversity and purpose efforts, company principles, or learn more about the Life @ Discord experience!