IT Security Engineer

Founded in August of 2008 and based in San Francisco, California, Airbnb is a trusted community marketplace for people to list, discover, and book unique travel experiences around the world. Whether an apartment for a night, a castle for a week, or a villa for a month, Airbnb allows people to Belong Anywhere through unique travel experiences at any price point, in more than 34,000 cities and over 190 countries. We promote a culture of curiosity, humanity, and creativity through our product, brand, and, most importantly, our people.
The ITX Security team is responsible for securing Airbnb’s corporate systems, network infrastructure, client endpoints, services and data. Our mission is to provide a secure computing environment to the Airbnb team, help architect and build corporate infrastructure securely at scale, and enable new business functions. Airbnb is a community built on trust, and we are an important part of that foundation.
Role & Responsibilities

We are a team focused on proactive security and are looking for hands-on security engineers who are passionate about building and defending.

  • Provide subject matter expertise on authentication, systems and network architecture security.
  • Provide security expertise and guidance on a constant stream of new projects and technologies.
  • Perform security assessments of core corporate and cloud infrastructure.
  • Harden our clients, servers and networks against exploitation.
  • Build and / or implement tools that aid in enhancing the security posture of corporate infrastructure and tools.
  • Collaborate with CSIRT and Production Security teams on cross-functional projects to secure our services and data.
  • Candidate must have more than 3-5 years of true industry experience within Security engineering to be considered.
  • B.S. or M.S. in Computer Science or related field, or equivalent experience.
  • Knowledge of the threat landscape and experience with attacks and mitigation methods.
  • Ability to develop tools using an interpreted programming language (PHP, Python, Ruby, etc.).
  • Security generalist with a firm grasp of or meaningful experience in many of the following areas:
    • Operating systems internals and hardening (OS X, Linux, Windows).
    • Application level security controls for client endpoints.
    • Networking protocols and operations.
    • Virtualization (VMWare).
    • AWS & cloud (SaaS) security.
    • Vulnerability management and remediation.
    • Applied cryptography and key management.
    • Authentication, authorization and directory services.
    • Security information and event management.

Back to top