At Netflix we do one thing - entertainment - and we aim to do it really well. To accomplish this goal, we must produce, distribute, and stream content at a massive scale. We have a strong engineering organization that enables us to achieve these business objectives and a unique and creative culture that guides us to operate with “Freedom and Responsibility”. This helps keep engineering velocity high, but also means that our security team needs to operate differently than a traditional security team. Employees have tremendous freedom in their work, along with the corresponding responsibility to do the right thing for Netflix. Instead of controlling engineers with process and security gates, we enable them to build secure code and provide them with adequate security context to make the right decisions for Netflix.
The Application Security (Appsec) organization at Netflix helps secure internally built systems and applications that run the Netflix business and the streaming product. We aren’t your typical Appsec team because we focus our efforts on scalable investments in both our engineering and partnership services. The Appsec Partnerships team is the part of this organization that builds close partnerships with key areas in our engineering ecosystem to identify and drive high-impact security initiatives (e.g.: Secure by Default in Developer Productivity tools, Secure Application Gateway for all workforce apps). We are looking for security engineers to join the team to help identify and drive high-leverage security improvements and improve the security of the Netflix engineering ecosystem. You will also leverage your security skills to support the Netflix bug bounty program, participate in our product security incident response efforts and other operational Appsec responsibilities. We are hiring for security partner roles in two domains:
End-User Products - This role is to support product and engineering teams that build end user-facing products for streaming and studio use cases. Specific background includes application security knowledge and scalable approaches to end-user product security.
Platform Products - This role is to support product and engineering teams that build developer-facing platform and infrastructure tools (e.g.: Compute and Networking Platforms, Service Proxies etc). Specific background includes infrastructure security knowledge and an understanding of systemic security challenges for platform and infrastructure-as-a-service offerings.
- You have experience with threat modeling, security design reviews, and security architecture.
- You have excellent written and verbal communication skills and are able to translate security objectives to engineering team asks.
- You have experience partnering with cross-functional teams to deliver widely impactful security initiatives.
- You demonstrate excellent judgement in prioritizing security efforts to mitigate the appropriate risks.
Finally, here’s a few more reasons why we love this work and think that you will too:
- You will have the opportunity to facilitate impactful security work for the Netflix engineering ecosystem.
- You will work with an industry-leading security team with many opportunities to reduce risks in existing projects and identify new ones.
- You will have the opportunity to research new ideas and share your ideas across the community.
- You will work closely with domain experts in diverse areas such as microservices architecture, big data, compute platforms, and content delivery networks.
We are looking for thoughtful security professionals who enable our mission and support our culture of freedom and responsibility. You can learn more about life at Netflix by watching our security talks or exploring our open source work.