"The front page of the internet,” Reddit brings over 330 million people together each month through their common interests, inviting them to share, vote, comment, and create across thousands of communities. Come for the cats, stay for the empathy.
The Reddit Security team is rapidly developing and this is an opportunity to get in and have an outsized impact on a highly skilled and motivated team. We look for humble experts with a relentlessly resourceful and entrepreneurial, “can do” view of security. We want to deliver facts and not FUD to the business to enable Reddit to manage risk more effectively. Culture is important to us and a learning and developing mentality is vital regardless of the work assigned.
This role will be responsible for advancing our vulnerability management, infrastructure cartography and platform hardening.
- Build and run scalable and sustainable infrastructure to identify vulnerable applications and infrastructure.
- Automate and integrate workflow between vulnerability intelligence ingestion, our platforms and CI/CD process to eliminate vulnerabilities in the SDLC.
- Implement asset and configuration management tooling across all hosts and cloud infrastructure and link the output to campaigns to reduce risk.
- Create and manage configuration compliance and patch management automation within modern CI/CD pipelines.
- Be a part of a team that will triage potential cyber security incidents and respond as part of the cyber security incident management process.
- Constantly innovate at the pace of the adversary using the latest techniques.
- You will mentor and evangelize security practices through cross-functional work with infrastructure and software engineering teams.
- 7+ years of hands-on experience in vulnerability management automation or operations.
- A passion for developing systems and process dedicated to finding vulnerabilities and configuration errors and engineering them out of large scale systems.
- Experience writing tools to automate tasks and integrate systems in Python or equivalent.
- Experience with cloud, IaaS, PaaS, ‘network-as-a-service’ environment is preferable.
- Understanding of current security issues and threats and risks that can manifest in larger scale complex systems.
- Excellent knowledge of Linux/Mac internals, ACLs and OS/platform level security protection and common protocols.
- Comfortable with automation and configuration management tools such as Ansible, Puppet, Drone, Terraform and experience with container-based approaches such as Docker/Kubernetes.
- Knowledge of SSH, keystores, security certificates, user and password management, authentication and authorization, session management.
- Proficiency in taking threat models and applying effective network security strategies at scale.
- Humble expert with a sense of urgency.
- Skilled at taking complex topics and making them simple.
- Transparent judgment and stands behind their decisions, right or wrong.
- Team focus with an ability to work in a matrixed organization.