Information Security Engineer (London)

Yelp is looking for an Information Security (InfoSec) Engineer to keep us safe and sane as our team expands to numerous offices around the world. It's an opportunity to have impact and broad scope protecting Yelp's corporate infrastructure, employees, and systems across multiple site locations.

As an InfoSec Engineer, you’ll work on improving our threat detection and response capabilities. Our awesome corporate security engineers bring a software engineering mindset to security, and build automated systems for DFIR that work at scale. You’ll also partner with our corporate infrastructure and IT teams to help architect our future authentication, identity management, and network security systems.

What You Will Do:

  • Lead threat modeling, mitigation discovery, and manual/automated verification of mitigations
  • Build tools and infrastructure for automating incident response
  • Set policies and best security practices for IT, Infrastructure, and other internal organizations and third party integrations
  • Create, validate, and audit access control policies for Yelp systems
  • Lead security education across the organization
  • Participate in incident response and forensics collection and analysis
  • Coordinate resolution of security issues with other Engineering and IT teams
  • Develop monitoring and alerting capabilities for Yelp internal security systems
  • Collaborate with teams inside of Yelp to deploy new security-related tools and processes across the organization

What We Are Looking For:

  • At least 2 years of professional experience working to secure consumer websites, mobile applications, or large corporate IT infrastructure is required
  • Participation in 24/7 incident response is required
  • Exposure to digital forensics and incident response
  • Corporate network penetration testing experience
  • Passion for educating others about security best practices
  • BS or MS in Computer Science, Engineering, or a related technical discipline, or equivalent experience

Pluses:

  • Experience with PCI, SOX, and avoiding draconian compliance regimes
  • Experience conducting third party assessments of software vendors and SaaS apps
  • Threat hunting experience in large corporate infrastructure environment
  • Software development experience in Python, Java, JavaScript, Objective-C, or similar
  • Windows, MacOS, or Linux administration experience
  • Security certifications, such as CISSP

What We Offer:

  • Full responsibility for projects from day one, an awesome team, and a dynamic work environment
  • Competitive salary with equity in the company, a pension scheme, and an optional employee stock purchase program
  • Private health insurance, including dental and vision 
  • Flexible working hours and meeting-free Thursdays
  • Regular 2-day Hackathons and weekly learning groups, always with interesting topics
  • Opportunities to participate in events and conferences throughout Europe 
  • Public transportation season ticket loan and £50 per month toward any exercise of your choice
  • Monthly personal development allowance
  • Central location, a fully stocked kitchen, adjustable sitting/standing desks, quarterly offsites, happy hours, and more! 


Back to top