Lyft is looking to scale its security architecture and needs a Software Engineer with a strong networking background to help secure distributed systems throughout the company.
Requirements
- Solid experience with a high level programming language (bonus points for experience with Python, Go-lang and shell scripts)
- Strong understanding of networking concepts (TCP/IP, HTTP, TLS, DNS) and working experience with edge or sidecar proxies.
- Identity and Access Management (IAM): provisioning least privilege access to users and services. Familiarity with authn/authz and frameworks and concepts related to SSO, SAML, OAuth, OpenID.
- Experience with Amazon Web Services (AWS) or another major cloud service provider
- Kubernetes and container security and running fleets of endpoints or servers in the cloud.
- Cryptography, PKI, or key/certificate distribution
Responsibilities
- Work on our network security initiative such as our Internet edge proxies (Envoy), Web Application Firewall, service-to-service authentication and authorization.
- Architect and build services that improve the security of our systems with an eye towards scalability and avoiding unnecessary friction.
- Develop critical services that Lyft depends on such as our credential management service that provides secrets to all our services at Lyft.
- Work on embedding security best practices such as least privilege, isolation, monitoring, authentication and authorization across our entire infrastructure (systems, application, networking).
- Evangelize our shared security responsibility model by collaborating with other Infrastructure teams at Lyft to ensure that our services and workflows are secure by default.
Other
- When facing a problem that's poorly defined or outside of your expertise, you can quickly learn what you need to dig in, make sense of the problem, and start working towards a solution
- You're a great communicator, and can advocate for your proposals while also empathizing with your teammates' goals and priorities
- You understand that security work must be prioritized because all teams have finite resources. You have good judgment and a sense of when to compromise and when to hold your ground
- Bachelor's, Master's, or Ph.D. degree in Computer Science or related field
- This role will be in-office on a hybrid schedule — Team Members will be expected to work in the office 3 days per week on Mondays, Wednesdays, and Thursdays.