Senior Security Engineer, Application Security

Senior Security Engineer, Application Security

  • Los Gatos, California

Netflix has a unique and innovative culture that guides us to do things differently. This helps keep engineering velocity high, but also means that our security team needs to operate differently than a traditional security team. The two important aspects of the culture that affect how the security team operates are “Freedom and Responsibility” and “Context not Control”. Employees have tremendous freedom in their work, along with the corresponding responsibility to do the right thing for Netflix. Instead of controlling engineers with process and security gates, we enable them to create secure code and provide them with adequate security context to make the right decisions for Netflix.

The Application Security team helps secure applications that run the Netflix business and the streaming product. Our customers are primarily Netflix engineering teams that produce software deployed within our cloud infrastructure. We aren’t your typical Appsec team. We spend a lot of time automating application insight and vulnerability identification across our AWS ecosystem to scale application security via actionable self-service. In addition to this, we work on driving high impact security initiatives for high-risk product areas. You may have heard of our work in this space at AppsecCali 2019. Our current technology challenges lie in the design and creation of an app ecosystem that enables the Netflix Studio to scale as we create original programming around the world. Some examples include managing identity and access in this complex ecosystem, evolving studio workflows for scale and driving adoption for these tools. Here is a great blog post highlighting some of these challenges for Production Technology.. 

Your primary background is in application security with experience in threat modeling, security design reviews, and security architecture. You also have experience partnering with cross-functional teams to deliver widely impactful security initiatives. You are a strong communicator and are able to translate engineering team asks into product requirements. In this role, you will leverage your experience and technical security expertise to prioritize and deliver security solutions at Netflix scale. We are open for this role to be based in either Los Gatos or Los Angeles. You can expect some travel between the two offices to stay aligned with our Studio InfoSec team. 

Finally, here’s a few more reasons why we love this work and think that you will too:

  • You would have the opportunity to facilitate big impact security work for the Netflix Studio ecosystem.

  • You would be working with an industry leading security team with many opportunities to improve existing projects and identify new ones.

  • You are a big fan of open source software and sharing information. We share when it makes sense and are always researching new ideas from across the community.

  • You enjoy learning and working closely with subject matter experts in diverse areas such as microservices architecture, big data, content delivery networks, and a production studio.

We are looking for thoughtful security professionals who enable our mission and support our culture of freedom and responsibility.  You can learn more about life at Netflix by watching our security talks or exploring our open source work.

We are an equal opportunity employer and value diversity of thought, culture, background, and perspective at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.