Information Security Engineer
What You Will Do:
- Lead threat modeling, mitigation discovery, and manual/automated verification of mitigations.
- Build tools and infrastructure for automating incident response.
- Set policies & best security practices for IT, Infrastructure, and other internal organizations and third party integrations.
- Create, validate and audit access control policies for Yelp systems.
- Lead security education across the organization.
- Participate in incident response, and forensics collection and analysis.
- Coordinate resolution of security issues with other Engineering and IT teams.
- Develop monitoring and alerting capabilities for Yelp internal security systems.
- Collaborate with teams inside of Yelp to deploy new security-related tools and processes across the organization.
We Are Looking For:
- At least 2 years of professional experience working to secure consumer websites, mobile applications, or large corporate IT infrastructure is a requirement.
- Exposure to digital forensics and incident response.
- Corporate network penetration testing experience.
- Passion for educating others about security best practices.
- Participation in 24/7 incident response is required.
- BS or MS in Computer Science, Engineering, or a related technical discipline, or equivalent experience.
- Experience with PCI, SOX, and avoiding draconian compliance regimes.
- Experience conducting third party assessments of software vendors and SaaS apps.
- Threat hunting experience in large corporate infrastructure environment.
- Windows, macOS or Linux administration experience.
- Security certifications, such as CISSP.
Meet Some of Yelp's Employees
Sahr S.Senior Training Manager, Local Sales
Sahr runs Yelp's Sales Training Team in San Francisco. Combining friendly fun with hands-on learning, she shows new hires how to shine on the sales floor.
Back to top