Staff Engineer, Security Engineering
2 months ago
Grubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. Grubhub is in growth-mode and we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business. You will work closely with cross-functional teams, including software engineering (FE + BE), IT, and SRE, to ensure our security practices are robust and scalable. Your expertise will help us achieve our goal of building secure, resilient, and efficient systems. A key part of your role will be to develop and maintain "paved roads" for security, creating standardized and streamlined paths that make secure practices the easiest and most efficient options for our teams. This role reports directly to the head of cybersecurity with broad latitude to work with both senior and new-grad engineers to make a measurable impact on Grubhub’s security posture.
Your Impact
- You will enhance the overall security posture of Grubhub by identifying and mitigating security defects proactively.
- You will contribute to a culture of cybersecurity awareness and continuous improvement within the organization, enabling Grubhub to launch and sustain key business initiatives with minimal risk.
- You will champion high-integrity + high-assurance outcomes in order to ensure the delivery of secure and trustworthy experiences
- You’ll tangibly reinforce our #1 technology philosophy: “security first” by integrating security into the development process from the start, rather than as an afterthought.
What You Will Do
- Identify lacking security-sensitive functionality in Grubhub’s applications and services, translating those control gaps into actionable engineering remediation plans and solutions
- Design, build, deploy and drive adoption of embedded security tooling in conjunction with internal services and platform teams
- Perform threat modeling, design, and code reviews to assess security implications and requirements for the introduction of new security systems and technologies
- Drive initiatives with outside teams to re-engineer existing services to ensure that Grubhub remains resilient against the latest security threats
- Bridge security domain knowledge gaps through technical mentorship of a team of passionate engineers while also delivering uniquely challenging projects.
What we’re expecting you to have
- Bachelor's in Computer Science, Engineering or a related field
- Professional experience of 8+ years in at least two security domains: web security (inclusive of APIs, backends, frontend and microservices), edge/perimeter security, mobile security, cloud security, systems security, or reverse engineering
- 7+ years of industry experience in a software development environment with expert-level proficiency in programming languages like Java, Python, or C++
- Demonstrable experience developing libraries and frameworks that are pre-vetted for security, which developers can use to avoid common vulnerabilities.
- Hands-on experience incorporating security checks and tests into the CI/CD pipeline so that every code change is automatically reviewed for security issues before it is deployed.
- Demonstrable experience in conducting code reviews to identify security deficiencies in how business logic is implemented.
- Experience designing, implementing, and deploying production-quality security engineering systems and incorporating security standards into supporting subsystems as needed.
- Hands-on experience with middleware, message queues, caches, and other related technologies.
- Strong experience in architecture design, high-availability, high-performance, distributed systems and working with 5x9/ zero-downtime systems.
- Demonstrable commitment to engineering and operational excellence–to include development + monitoring of SLOs/SLIs to assure adherence to EOE standards–with direct experience in driving security outcomes within an engineering culture.
- A broad knowledge of attack vectors, exploits and mitigations that work at scale or may be linked together for chained attacks
- Working familiarity with version control systems (Git), issue tracking tools (Jira) and ability to define + support your commitments within an Agile working model.
- Ability to communicate ideas and proposals concisely to a wide-range of audiences
- Ability to author both technical and non-technical documentation on a continuous cadence.
- Ability to fully participate in our on-call rotation as a service owner
What does a strong candidate have?
- Master’s (or Ph.D) in Computer Science, Engineering or a related field
- A security industry-related certification such as Certified Information Systems Security Professional (CISSP) or Offensive Security Certified Professional (OSCP)
- Knowledge of both iOS and Android architecture and development
- Expert-level knowledge within identity and access management security domain, inclusive of role-based access controls, factors-based authentication and identity-based attack (both legacy and emergent) patterns.
- Willingness to participate in incidents as needed as a security SME
- Familiarity with industry-standard threat modeling, risk modeling and vulnerability classification.
- Prior experience leading the design or reconstruction of complex systems, preferably in e-commerce or retail-related fields.
- Deep understanding of the related theories of distributed systems, such as load balancing, distributed transactions, CAP/BASE, etc
- (Bonus) Experience with hardware or embedded device security such as what you would find in a kiosk or a point-of-sale system
And Of Course, Perks
- Flexible PTO. Grubhub employees enjoy a generous amount of time to recharge.
- Health and Wellness. Excellent medical, dental and vision benefits, 401k matching, employee network groups and paid parental leave are just a few of our programs to support your overall well-being.
- Compensation. You'll receive a highly-competitive compensation package with eligibility for generous incentives, bonuses, commission, and RSUs.
- Free Meals. Our employees get a weekly Grubhub credit to enjoy and support local restaurants.
- Social Impact. We believe in giving back through programs like the Grubhub Community Relief Fund, and provide our employees opportunities to support causes that are important to them.
-
Staff Engineer, Security Engineering
2 weeks ago
Chicago, Illinois, United States Grubhub Full timeGrubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. With Grubhub in growth-mode, we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business. You...
-
Staff Engineer, Security Engineering
3 weeks ago
Chicago, United States Grubhub Full timeGrubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. Grubhub is in growth-mode and we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business....
-
Staff Engineer, Security Engineering
3 weeks ago
chicago, United States Grubhub Full timeGrubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. Grubhub is in growth-mode and we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business....
-
Staff Cyber Security Engineer
2 weeks ago
Chicago, Illinois, United States Lenovo Full timeJob Title: Staff Cyber Security EngineerJob Summary:We are seeking a highly skilled Staff Cyber Security Engineer to join our team at Lenovo. As a Staff Cyber Security Engineer, you will be responsible for designing, implementing, and deploying technical controls to protect Lenovo's systems and data. You will also conduct project technical security...
-
Staff Software Security Engineer
2 weeks ago
Chicago, Illinois, United States Grubhub Full timeGrubhub is seeking a Staff Software Security Engineer to enhance the overall security posture of our platform. This role involves analyzing, designing, and building security technology into our products and services to ensure trustworthy experiences for our users. You will work closely with our engineering team to evaluate software integrity, provide...
-
Staff Engineer, Product Security
4 months ago
Chicago, United States Grubhub Full timeGrubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. Grubhub is in growth-mode and we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business....
-
Staff Engineer, Product Security
3 months ago
Chicago, United States Grubhub Full timeGrubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. Grubhub is in growth-mode and we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business....
-
Staff Engineer, Security Engineering
4 days ago
Chicago, IL, United States Grubhub Full timeGrubhub is seeking a seasoned Staff-level Software Engineer to design, develop, and maintain security infrastructure and tools to protect the company's platform and data. Grubhub is in growth-mode and we need standardized processes and tools that can be scaled across the organization, to ensure that security measures keep up with the pace of the business....
-
Staff Software Security Engineer
3 weeks ago
Chicago, Illinois, United States Grubhub Full timeSecurity Software EngineerGrubhub is seeking a highly skilled Security Software Engineer to join our Product Security team. As a key member of our team, you will play a critical role in analyzing, designing, and building security technology into our products and services to ensure trustworthy experiences for Grubhub's customers, merchants, and...
-
Staff Software Engineer
1 week ago
chicago, United States Grubhub Full timeGrubhub is seeking a Staff Software Engineer to join our Product Security team. As a member of our team you will help us analyze, design and build security technology into our products and services in order to enable trustworthy experiences for Grubhub’s diners, merchants, drivers and employees. You will dig into the complex world of building security...
-
Staff Software Engineer
3 weeks ago
chicago, United States Grubhub Full timeGrubhub is seeking a Staff Software Engineer to join our Product Security team. As a member of our team you will help us analyze, design and build security technology into our products and services in order to enable trustworthy experiences for Grubhub’s diners, merchants, drivers and employees. You will dig into the complex world of building security...
-
Staff Software Engineer
1 month ago
Chicago, United States Grubhub Full timeGrubhub is seeking a Staff Software Engineer to join our Product Security team. As a member of our team you will help us analyze, design and build security technology into our products and services in order to enable trustworthy experiences for Grubhub’s diners, merchants, drivers and employees. You will dig into the complex world of building security...
-
Security Engineer
2 months ago
Chicago, United States Request Technology, LLC Full timeSecurity EngineerSalary: Open + BonusLocation: Chicago, IL or Dallas, TXHybrid: 3 days onsite, 2 days remote*We are unable to provide sponsorship for this role*QualificationsBachelor’s degree3+ years of experience with Security Engineering activities and testing.1-2 years of experience with DevOps processes1-2 years of experience with AWS architecture and...
-
Security Engineer
2 months ago
Chicago, United States Request Technology, LLC Full timeSecurity EngineerSalary: Open + BonusLocation: Chicago, IL or Dallas, TXHybrid: 3 days onsite, 2 days remote*We are unable to provide sponsorship for this role*QualificationsBachelor’s degree3+ years of experience with Security Engineering activities and testing.1-2 years of experience with DevOps processes1-2 years of experience with AWS architecture and...
-
Security Engineer II
2 weeks ago
Chicago, Illinois, United States Early Warning Services Full timeAbout the RoleWe are seeking a highly skilled Security Engineer II to join our team at Early Warning Services. As a key member of our security team, you will be responsible for managing the use of information security tool sets, including vulnerability management, configuration management, endpoint security, and security posture assessment to ensure our...
-
Cybersecurity Solutions Engineer
2 weeks ago
Chicago, Illinois, United States Keeper Security Full timeAbout the RoleKeeper Security is seeking an experienced Cybersecurity Solutions Engineer to join our B2B sales team. As a key member of our team, you will work closely with the sales force to support the pre-sales and post-sales cycle from a technical perspective.ResponsibilitiesProvide and manage pre-sales technical support for the technical sales process...
-
Staff Security Architect
3 weeks ago
Chicago, Illinois, United States Aledade, Inc. Full timeWe are seeking a highly skilled Staff Security Engineer to join our team at Aledade, Inc. The ideal candidate will have a strong background in designing, implementing, and maintaining security services that support our business.You will be responsible for leading the development, implementation, and ongoing maintenance of comprehensive security strategies...
-
Staff Software Engineer
3 weeks ago
Chicago, Illinois, United States iManage Full timeAbout the RoleWe are seeking a highly skilled Staff Software Engineer to join our cloud services team. As a key member of our team, you will be responsible for designing and developing modules and features for our iManage Work family of products.You will work closely with cross-functional engineering teams and product managers to build integrated solutions,...
-
Senior Security Engineer
1 week ago
Chicago, United States Democorp Full timeOverview: The Senior Security Engineer works in Optiv's 24x7x365 Security Operations Center as a member of the Managed Security Services team. The Senior Security Engineer uses technical knowledge on a number of security technologies to analyze and respond to security threats from various security platforms and technologies. The Senior Security Engineer...
-
Project Engineer
2 weeks ago
Chicago, Illinois, United States OTTO Engineering Full timeJob Title: Project EngineerOTTO Engineering is seeking a highly skilled Project Engineer to join our team. As a Project Engineer, you will be responsible for developing products through design layout and analysis, prototyping, testing, and documentation that meet or exceed customer marketing specifications.Key Responsibilities:Establish design concepts and...
