Software Engineer - Security
Our Security team supports the unwritten fourth tenet of Slack’s mission: make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly, our customers’ data. We take a systemic approach to security, and strive to ensure we provide low friction high-impact security across everything we do. We’re looking for a senior developer to help lead our Security Engineering team. Significant in-field experience is not a hard requirement, but an interest in security and a deep desire to know and answer “why” is.
We’d like you to have the vision to identify areas where we can fundamentally make Slack more secure, then propose, build and operate tools to see that to fruition. The role includes significant autonomy towards defining problem spaces and a mandate to build viable tools which are both internally and externally facing. A significant part of this job is meant to attract a multidisciplinary engineer; you probably feel skeptical of any job posting with the “word” DevOps in it, but that’s what you do. We don’t work directly on hardening systems; we’d ask for your help in evaluating tooling pragmatically, and look for you to know when the right time is to spend some money, or when months of development would be advantageous.
- Develop novel software that helps Slack be more secure.
- Creatively scale & operate the infrastructure & tools that handle millions of events per second. Participate in an on-call rotation to support these tools.
- Identify and develop new features & a roadmap to augment existing tools to protect Slack’s production infrastructure and to help make our business lives simpler, more pleasant, more productive (and more secure).
- Curiosity. Creativity.
- Proficiency both in a practical systems programming language & the shell of your choice.
- This is a role afforded the latitude to define workstreams, and entrusted to approach engineering problems as an art form. You want to empower your coworkers with the easy maintainability of code you’ve collaborated on, and you take pride in the craftsmanship of your efforts.
- Motivation to solve root causes of problems, not to patch over quick fixes. This is at the root of our goal to be on-call for our own services. On-call shouldn’t suck.
- An ability to work with other teams. The brilliant jerk need not apply.
- Broad exposure to various security disciplines and deeper understanding of models and principles behind core security concepts such as MFA and securely managing secrets or tokens.
- 2+ years of software development experience
- Golang: we’ve written wide reaching tools in golang, but we aren’t wedded to it.
- Ansible: it’s not that bad, and helps us move quickly, but any configuration management tool is applicable.
- Elasticsearch / Kibana: You can readily access information & love metrics
Back to top