Security Software Engineer (L5)
At Netflix, we do one thing - entertainment - and we aim to do it really well at massive scale. Thousands of services work in tandem to bring engaging content from the minds of our creative partners to the devices where members enjoy that content. The Security Platforms Engineering (SPE) team enables Netflix to entertain the world by securing the technology powering the entertainment that you know and love.
SPE aims to deeply understand our users, systems and security risks, so we can rightsize Netflix’s top security risks at scale. Our application security controls function reduces risk in our unique and complex engineering ecosystem through high-leverage and high-signal security controls automation.
We are looking for a security software engineer to build and advance our application security controls automation at Netflix. In collaboration with other team members on the squad, you will be responsible for designing and developing controls automations to understand and contribute to our ecosystem’s security posture. You will also work cross-functionally with other teams across Netflix Security Engineering and Platform Engineering to drive impactful change.
You:
- Are a security software engineer, experienced with application security and automation
- Are comfortable writing software, preferably in Python
- Thrive on the challenge of working at scale
- Confidently take ownership of solutions you architect and build
- Weigh the short and long term tradeoffs and make pragmatic decisions, informed by data
- Are comfortable with ambiguity, and experienced with tacking open-ended problems
- Communicate effectively
- Care deeply about the developer experience we create with our security controls
- Derive energy from a diverse and constantly-evolving environment and delivering innovative solutions to security challenges
- Know we go further together, and enjoy working collaboratively on a team
For more information related to the work our team does at Netflix please see these resources:
- Astha Singhal’s Netflix Tech Blog posts (Part 1 | Part 2) about how we scale application security at Netflix.
- Scott Behrens and Shannon Morrison’s talk (QCon) about quantifying risk at scale using asset inventory (slides)
- Netflix’s Talk at Scaling Security: Appsec about Asset Inventory and Prism
- Aladdin Almubayed’s 2019 BlackHat talk about how we approach third-party vulnerability management.
- Bryan Payne’s blog post about how we practice security effectively in a culture that aims to avoid security gates and unnecessary processes.
- The Netflix Security YouTube Channel contains videos from talks Netflixers have given about various security topics.
Stunning colleagues come from different education levels and backgrounds. Netflix culture determines who we hire, how we work together and how we make decisions. You will be surrounded by a great team and empowered to produce your best work.
At Netflix, we carefully consider a wide range of compensation factors to determine your personal top of market. We rely on market indicators to determine compensation and consider your specific job, skills, and experience to get it right. These considerations can cause your compensation to vary and will also be dependent on your location.
The overall market range for roles in this area of Netflix is typically $100,000 - $700,000.
This market range is based on total compensation (vs. only base salary), which is in line with our compensation philosophy. Netflix is a unique culture and environment. Learn more here.