Staff Security Engineer, Platform Security
San Francisco, CA or Remote (U.S. only)
Discord is used by over 200 million people every month for many different reasons, but there’s one thing that nearly everyone does on our platform: play video games. Over 90% of our users play games, spending a combined 1.5 billion hours playing thousands of unique titles on Discord each month. Discord plays a uniquely important role in the future of gaming. We are focused on making it easier and more fun for people to talk and hang out before, during, and after playing games.
Discord is about empowering people to find belonging. Trusted by millions to keep their communications out of the hands of evildoers, we depend on security and privacy for success. Our Platform Security Engineering team protects the people who create Discord and the systems they use to do it, making the “secure way” the “easy way.”
We are looking for a Staff Security Engineer, reporting to the Platform Security Engineering Manager, to advance this mission through security expertise, software development, and operational excellence. You’ll articulate and pursue the most leveraged opportunities to reduce security risk across Engineering, bridging organizational boundaries to create secure and lovable “paved paths” for managing identities and access, shipping code, configuring cloud infrastructure, and operating services.
If you are a security engineer with a passion for security and privacy, deep curiosity, eagerness to own technically and socially complex projects, and a strong desire to improve Discord, read on!
What you'll do
- Guide strategy and lead software engineering projects on a small, highly-autonomous, horizontally-integrated security team with a lot of leverage. This is a code-forward role!
- Consult on risk assessments, architectural designs, threat models, code reviews, and more—pragmatically balancing security with other business considerations.
- Develop and apply best-in-class secure baselines for cloud and bare-metal resources.
- Secure our software supply chain, from a developer’s laptop through version control and CI/CD and into production.
- Build and own IAM systems that are user-friendly and promote least privilege.
- Manage third-party vulnerabilities while supporting rapid growth for Product Engineering.
- Partner cross-functionally for security monitoring and incident response.
Example Projects
- Support IAM at Discord with scalable platform solutions; check out https://discord.com/blog/access-a-new-portal-for-managing-internal-authorization.
- Build automated tooling to scan our infrastructure for vulnerabilities.
- Bake service-to-service authentication and authorization into Discord’s next-generation developer platform.
Who you are
- You have 7+ years of …
This job isn't fresh anymore!
Search Fresh JobsJob Profile
US Only
Benefits/PerksBenefits Equity Equity + Benefits Full-time position
Tasks- Guide strategy
- Lead software projects
- Manage vulnerabilities
- Partner cross-functionally
Bazel Benefits Buildkite CI CI/CD Cloud Cloud environments Cloudflare Cloud Infrastructure Code reviews Container Orchestration Distributed Systems Diversity Docker Engineering Gaming GCP Growth Inclusion Infrastructure Kubernetes Linux Monitoring Mtls OAuth 2.0 OIDC Organizational Privacy Product engineering Programming Python RBAC Reporting Risk assessments Rust Salt SAML Security Security Engineering Software Development Software Engineering Terraform Threat modeling Tooling Training Version Control Vulnerability Management Zero-Trust
Experience7 years
Education TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9