Staff Engineer, Security Engineering
1 week ago
Grubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. Grubhub is in growth-mode and we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business. You will work closely with cross-functional teams, including software engineering (FE + BE), IT, and SRE, to ensure our security practices are robust and scalable. Your expertise will help us achieve our goal of building secure, resilient, and efficient systems. A key part of your role will be to develop and maintain "paved roads" for security, creating standardized and streamlined paths that make secure practices the easiest and most efficient options for our teams. This role reports directly to the head of cybersecurity with broad latitude to work with both senior and new-grad engineers to make a measurable impact on Grubhub’s security posture.
Your Impact
- You will enhance the overall security posture of Grubhub by identifying and mitigating security defects proactively.
- You will contribute to a culture of cybersecurity awareness and continuous improvement within the organization, enabling Grubhub to launch and sustain key business initiatives with minimal risk.
- You will champion high-integrity + high-assurance outcomes in order to ensure the delivery of secure and trustworthy experiences
- You’ll tangibly reinforce our #1 technology philosophy: “security first” by integrating security into the development process from the start, rather than as an afterthought.
What You Will Do
- Identify lacking security-sensitive functionality in Grubhub’s applications and services, translating those control gaps into actionable engineering remediation plans and solutions
- Design, build, deploy and drive adoption of embedded security tooling in conjunction with internal services and platform teams
- Perform threat modeling, design, and code reviews to assess security implications and requirements for the introduction of new security systems and technologies
- Drive initiatives with outside teams to re-engineer existing services to ensure that Grubhub remains resilient against the latest security threats
- Bridge security domain knowledge gaps through technical mentorship of a team of passionate engineers while also delivering uniquely challenging projects.
What we’re expecting you to have
- Bachelor's in Computer Science, Engineering or a related field
- Professional experience of 8+ years in at least two security domains: web security (inclusive of APIs, backends, frontend and microservices), edge/perimeter security, mobile security, cloud security, systems security, or reverse engineering
- 7+ years of industry experience in a software development environment with expert-level proficiency in programming languages like Java, Python, or C++
- Demonstrable experience developing libraries and frameworks that are pre-vetted for security, which developers can use to avoid common vulnerabilities.
- Hands-on experience incorporating security checks and tests into the CI/CD pipeline so that every code change is automatically reviewed for security issues before it is deployed.
- Demonstrable experience in conducting code reviews to identify security deficiencies in how business logic is implemented.
- Experience designing, implementing, and deploying production-quality security engineering systems and incorporating security standards into supporting subsystems as needed.
- Hands-on experience with middleware, message queues, caches, and other related technologies.
- Strong experience in architecture design, high-availability, high-performance, distributed systems and working with 5x9/ zero-downtime systems.
- Demonstrable commitment to engineering and operational excellence–to include development + monitoring of SLOs/SLIs to assure adherence to EOE standards–with direct experience in driving security outcomes within an engineering culture.
- A broad knowledge of attack vectors, exploits and mitigations that work at scale or may be linked together for chained attacks
- Working familiarity with version control systems (Git), issue tracking tools (Jira) and ability to define + support your commitments within an Agile working model.
- Ability to communicate ideas and proposals concisely to a wide-range of audiences
- Ability to author both technical and non-technical documentation on a continuous cadence.
- Ability to fully participate in our on-call rotation as a service owner
What does a strong candidate have?
- Master’s (or Ph.D) in Computer Science, Engineering or a related field
- A security industry-related certification such as Certified Information Systems Security Professional (CISSP) or Offensive Security Certified Professional (OSCP)
- Knowledge of both iOS and Android architecture and development
- Expert-level knowledge within identity and access management security domain, inclusive of role-based access controls, factors-based authentication and identity-based attack (both legacy and emergent) patterns.
- Willingness to participate in incidents as needed as a security SME
- Familiarity with industry-standard threat modeling, risk modeling and vulnerability classification.
- Prior experience leading the design or reconstruction of complex systems, preferably in e-commerce or retail-related fields.
- Deep understanding of the related theories of distributed systems, such as load balancing, distributed transactions, CAP/BASE, etc
- (Bonus) Experience with hardware or embedded device security such as what you would find in a kiosk or a point-of-sale system
And Of Course, Perks
- Flexible PTO. Grubhub employees enjoy a generous amount of time to recharge.
- Health and Wellness. Excellent medical, dental and vision benefits, 401k matching, employee network groups and paid parental leave are just a few of our programs to support your overall well-being.
- Compensation. You'll receive a highly-competitive compensation package with eligibility for generous incentives, bonuses, commission, and RSUs.
- Free Meals. Our employees get a weekly Grubhub credit to enjoy and support local restaurants.
- Social Impact. We believe in giving back through programs like the Grubhub Community Relief Fund, and provide our employees opportunities to support causes that are important to them.
-
Staff Engineer, Product Security
2 months ago
Chicago, United States Grubhub Full timeGrubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. Grubhub is in growth-mode and we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business....
-
Staff Engineer, Product Security
2 months ago
Chicago, United States Grubhub Full timeGrubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. Grubhub is in growth-mode and we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business....
-
Staff Information Security Engineer
7 days ago
Chicago, Illinois, United States ServiceNow Full timeJob Title: Staff Information Security EngineerServiceNow is seeking a highly skilled Staff Information Security Engineer to join our Digital Technology team. As a key member of our security organization, you will be responsible for implementing and enhancing firewall-as-a-service (FWaaS) solutions, providing ongoing support for secure web gateway operations,...
-
Staff Software Engineer
2 days ago
Chicago, United States Grubhub Full timeGrubhub is seeking a Staff Software Engineer to join our Product Security team. As a member of our team you will help us analyze, design and build security technology into our products and services in order to enable trustworthy experiences for Grubhub’s diners, merchants, drivers and employees. You will dig into the complex world of building security...
-
Security Engineer
6 days ago
chicago, United States Request Technology, LLC Full timeSecurity EngineerSalary: Open + BonusLocation: Chicago, IL or Dallas, TXHybrid: 3 days onsite, 2 days remote*We are unable to provide sponsorship for this role*QualificationsBachelor’s degree3+ years of experience with Security Engineering activities and testing.1-2 years of experience with DevOps processes1-2 years of experience with AWS architecture and...
-
Security Engineer
6 days ago
Chicago, United States Request Technology, LLC Full timeSecurity EngineerSalary: Open + BonusLocation: Chicago, IL or Dallas, TXHybrid: 3 days onsite, 2 days remote*We are unable to provide sponsorship for this role*QualificationsBachelor’s degree3+ years of experience with Security Engineering activities and testing.1-2 years of experience with DevOps processes1-2 years of experience with AWS architecture and...
-
Security Engineer
6 days ago
Chicago, United States Request Technology, LLC Full timeSecurity EngineerSalary: Open + BonusLocation: Chicago, IL or Dallas, TXHybrid: 3 days onsite, 2 days remote*We are unable to provide sponsorship for this role*QualificationsBachelor’s degree3+ years of experience with Security Engineering activities and testing.1-2 years of experience with DevOps processes1-2 years of experience with AWS architecture and...
-
Sales Engineer
5 days ago
Chicago, Illinois, United States Keeper Security, Inc. Full timeJob Title: Sales EngineerWe are seeking an experienced Sales Engineer to join our B2B sales team at Keeper Security, Inc. This is a 100% remote position with an opportunity to work a hybrid schedule for candidates who live near our global headquarters in Chicago.Keeper Security is a leading provider of cybersecurity software trusted by millions of people and...
-
Sales Engineer
2 months ago
Chicago, United States Keeper Security, Inc. Full timeJob DescriptionJob DescriptionKeeper Security is hiring an experienced Sales Engineer to join our B2B sales team. This is a 100% remote position with an opportunity to work a hybrid schedule for candidates who live near our global headquarters in Chicago.Keeper’s cybersecurity software is trusted by millions of people and thousands of organizations,...
-
Senior Security Engineer
3 days ago
Chicago, Illinois, United States eTek IT Services, Inc. Full timeJob Title: Senior Security EngineerWe are seeking an experienced Senior Security Engineer to join our team at eTek IT Services, Inc. in Chicago, IL. As a Senior Security Engineer, you will be responsible for detecting, remediating, and mitigating workstation and mobile security vulnerabilities.Key Responsibilities:Conduct extensive testing and supporting of...
-
Structural Engineer
1 week ago
Chicago, Illinois, United States Orion Engineers LLC Full timeJob Title: Structural Engineer - Staff EngineerWe are seeking a highly skilled Structural Engineer to join our team in Chicago. As a Staff Engineer, you will assist our Structural Engineering team in delivering engineering services on existing projects and pursue new opportunities.Responsibilities:Assist in various tasks including plan preparation, quantity...
-
IT Security Engineer
1 week ago
Chicago, United States VelocityEHS Full timeTHE OPPORTUNITY:This remote opportunity is open to candidates residing anywhere in the United States or Canada. The IT Security Engineer is a dynamic role responsible for fielding and monitoring network and security-related tickets while also assisting with compliance tasks. This role plays a pivotal role in protecting data and infrastructure. The IT...
-
Structural Design Engineer
2 weeks ago
Chicago, Illinois, United States Larson Engineering Full timeAbout the RoleWe are seeking a highly skilled Structural Engineer to join our team at Larson Engineering. As a key member of our team, you will be responsible for designing and developing structural systems for various projects.Key ResponsibilitiesDesign and develop structural systems for buildings, bridges, and other infrastructure projectsCollaborate with...
-
IT Security Engineer
3 months ago
Chicago, United States eTek IT Services, Inc. Full timeJob DescriptionJob DescriptionRole : Senior Security Engineer with EnterprisesLocation: Chicago ILExperience : 10+ yearsW2 Contract& Required SkillsExperience with security concepts and engineering security vulnerability mitigation solutions in both Windows end user compute and mobile environments. Broad infrastructure technology concepts around software,...
-
Staff Reliability Engineer
5 days ago
Chicago, Illinois, United States The Hartford Full timeStaff Reliability EngineerWe're committed to delivering exceptional service and are proud to be an insurance company that goes beyond traditional coverages and policies.As a Staff Reliability Engineer at The Hartford, you'll have every opportunity to achieve your goals and make a meaningful impact. Our team is dedicated to shaping the future of our...
-
Lead Cyber Security Engineer
3 months ago
Chicago, United States Premier Solutions Hi, LLC Full timeJob DescriptionJob DescriptionSalary: Job Description:The Lead Cyber Security Engineer serves as the principal technical advisor and subject matter expert for system categorization, security controls, and ATO for approved cybersecurity tools. Leverages tools to build, harden, maintain, and instrument a comprehensive security orchestration platform for...
-
Staff Software Engineer
3 weeks ago
Chicago, Illinois, United States PayPal Full timeAbout the RoleWe are seeking a highly skilled and experienced Staff Software Engineer to join our Checkout Engineering team at PayPal. As a key member of our team, you will be responsible for the development and delivery of applications and services that power PayPal's Checkout user experiences on the web.Key ResponsibilitiesProvide technical leadership and...
-
Information Security Engineer
7 days ago
chicago, United States ABOC Full timeFor 100 years, ABOC has fostered deep ties to our customers and our community, serving the banking needs of countless businesses, organizations, institutions, and individuals, many for multiple generations. These relationships are based on profound trust, in-depth understanding and highly personal and responsive service provided by our experienced bankers.We...
-
Information Security Engineer
6 days ago
Chicago, United States ABOC Full timeFor 100 years, ABOC has fostered deep ties to our customers and our community, serving the banking needs of countless businesses, organizations, institutions, and individuals, many for multiple generations. These relationships are based on profound trust, in-depth understanding and highly personal and responsive service provided by our experienced bankers.We...
-
Information Security Engineer
6 days ago
Chicago, United States ABOC Full timeFor 100 years, ABOC has fostered deep ties to our customers and our community, serving the banking needs of countless businesses, organizations, institutions, and individuals, many for multiple generations. These relationships are based on profound trust, in-depth understanding and highly personal and responsive service provided by our experienced bankers.We...