Security Site Reliability Engineer
What You'll Do
- Conceive, architect, and direct implementation of the systems and processes that provide the authentication, and identity management for infrastructure controls for all Credit Karma operating environments.
- Own the strategic vision for System security, including implementation, and ensure that they are aligned with the Information Security policies and operations strategies.
- Support secure development lifecycle practices that emphasize early security design review to ensure that rapid iteration stays firmly planted in a strong authentication foundation.
What's Great About It?
- A satisfying mission, working to make financial progress possible to everyone – free of charge.
- Carrying out two positive missions at the same time: helping people take back control of their credit and helping to keep their personal information safe.
- Tackling a wide variety of challenges, as opposed to being limited to just a few areas of responsibility.
- Solving security problems at scale in a highly technology-focused team.Spending zero minutes convincing anyone why security is important - we all understand that very well already!
What We Expect:
- Strong unix development and operations background, with a solid grasp of all aspects of things IP, TCP, HTTP, and on upAs a hands-on technical specialist, handle complex and detailed technical work necessary to establish and maintain secure cloud security.
- Experience with version control and cloud deployment toolsStrong understanding of security models surrounding encryption, authentication, authorization and access controls.Understanding of cloud services, relational DBs, Linux virtualization (KVM, ESXI), and Linux containerization (Docker/LXC) technologies
- B.S. in Computer Science or related technical major (M.S./PhD preferred), or significant job experience.Minimum 10 years experience with customer-facing production infrastructure.
- Minimum 5 years operational security experience, including time in an architect role.
- Technical depth in many, if not most of the following areas: LAMP stack, Node.js, Scala/Java, network routing and firewalls, virtualization, containerization, virtual terminal solutions, intrusion detection/prevention, mobile, SaaS security, utility computing, PKI, HTTP-based SOA/microservices, and Identity and Access Management.
- Thorough understanding of InfoSec control frameworks and how they can be realistically implemented.
- Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns.
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.A fun and positive attitude!
Meet Some of Credit Karma's Employees
Jonathan works cross-functionally to develop products that help people feel in control of their credit, their options, and their futures.
Back to top