Some experience in software engineering, developing full-stack, complex, and distributed applications.
An understanding of designing elegant, well-structured APIs.
Proficiency in at least one programming language (e.g., Python, Java, JavaScript, C, etc.).
A collaborative mindset with a proactive approach to problem-solving, continuous learning, and knowledge sharing across teams.
Responsibilities:
Build and scope tools and infrastructure for automating security policy and enforcement.
Improve and enhance vulnerability detection and response capabilities.
Identify vulnerabilities through assessments, working with internal partners towards remediation and improvement of Yelp’s corporate environment and infrastructure.
Help define policies and security best practices for IT, infrastructure, and other internal organization and third-party integrations.
Review and offer feedback on security implications of software system designs submitted from across Yelp Engineering.
Exhibit the strong communication ability needed to enforce rigorous security standards, while always playing well with others and partnering with diverse stakeholders to advance Yelp’s goals.
Design, develop, and operationalize monitoring, correlation, and alerting capabilities for Yelp’s corporate network, infrastructure, and applications to identify suspicious or anomalous behavior.
Participate in a regular on call rotation and occasional incident response.
Help perform threat modeling across business applications and infrastructure integrations.