Listing Description
We're looking for an experienced Product Security Engineer to join our Product Security Paved Paths team. This team creates and adapts high-impact libraries and tools that allow our developers to move faster by eliminating whole categories of security risk. Through utilizing modern web standards and a deep knowledge of the tech stack, the team is able to create intuitive, self-serve experiences for both GitHub and the world's developers.
To get specific, here are some examples of things you might work on:
- Improving ActiveRecord::Encryption to allow for per-column derived keys
- Evolving our core application's Content Security Policy
- Implementing new and emerging web security standards such as Trusted Types at scale
- Open sourcing and upstreaming new paved security paths into general purpose libraries such as Ruby on Rails
- Communicating learnings both internally and externally in both written and verbal formats
If these things sound cool to you, and you're passionate about application security, please apply!
Responsibilities
- Stay up-to-date with emerging security standards and help to identify when and where they should be adopted at GitHub
- Participate in and lead the team’s technical decision making and planning
- Write robust, maintainable backend and frontend code across a variety of tech stacks
- Review code and lead group discussions about the projects we’re working on
- Develop systematic solutions to problems instead of focusing on one-off fixes
- Mentor other engineers, both formally and informally
Qualifications
Note: if you are this close to the qualifications described in this posting, please don't let it discourage you from applying. We'd love to hear from you.
- Experience building software systems, and an understanding of how to scale them
- Experience and passion for secure-by-default architecture
- Knowledge of web application vulnerabilities and mitigations
- Known for being a great communicator and collaborator
- Excellent written and verbal communication skills
- Experience in the field of product security
Preferred Qualifications
- Practical software development skills with Ruby on Rails or Go
- Working knowledge of applied cryptography
- Working knowledge of modern web security standards
- Technical leadership experience
- Demonstrated mentorship experience
- Experience using Git and GitHub
Location: In this role, you can work remotely from the following countries: Austria, Denmark, Germany, Ireland, Netherlands, Spain, Sweden, Switzerland, United Kingdom or onsite in one of GitHub’s European offices (Amsterdam, Oxford).
#LI-Remote
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided